fb0a04fb421b202f157b96b6347ebf9161fea91777e3ec63101036667a81104a

Sharing

Copy URL Twitter E-mail

General

Target

fb0a04fb421b202f157b96b6347ebf9161fea91777e3ec63101036667a81104a
Size

669KB
MD5

62e9ab1e934a9d5d304b0329a537f770
SHA1

b5f37ea90c2365425310c663b250c5931ccb235f
SHA256

fb0a04fb421b202f157b96b6347ebf9161fea91777e3ec63101036667a81104a
SHA512

3434b8bf7d86f190b4b3014d5ed8c71fe89fc2cd65186fdacf72ffefb0362202f47631328796c073b10ebf6159a77a3884a38e15bf586600fa5a44a0e680993c
SSDEEP

12288:h9mOc/rJakEonjP3INCKJNCOAXjwZlhmpKwnbDV0y5bLlV3ve+hx:h9TmPGCKJMOcjwuKobTJLLve

Score

N/A

Malware Config

Signatures

Files

fb0a04fb421b202f157b96b6347ebf9161fea91777e3ec63101036667a81104a
.exe windows x86

4fc9d7ca5440338e97c49e1e0af4b46a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetConnectW
FtpDeleteFileA
FtpRenameFileW
InternetCloseHandle
SetUrlCacheGroupAttributeW
InternetCombineUrlA
InternetCanonicalizeUrlA
ShowX509EncodedCertificate

kernel32

FlushFileBuffers
MultiByteToWideChar
HeapDestroy
RemoveDirectoryW
GetCurrentProcessId
EnterCriticalSection
LCMapStringA
CloseHandle
VirtualAlloc
GetCurrentThread
LeaveCriticalSection
GetCurrentThreadId
GetCommandLineW
InterlockedExchange
WriteConsoleW
TlsFree
DebugBreak
SetUnhandledExceptionFilter
GetStdHandle
FreeLibrary
WriteConsoleA
GetTimeZoneInformation
SetHandleCount
GetLocaleInfoW
HeapCreate
TlsSetValue
DeleteCriticalSection
HeapValidate
GetCurrentProcess
GetModuleFileNameW
OutputDebugStringW
TerminateProcess
GetEnvironmentStringsW
CreateMutexA
LoadLibraryA
OutputDebugStringA
GetConsoleOutputCP
SetStdHandle
IsBadReadPtr
TlsGetValue
OpenMutexA
GetLastError
SetConsoleCtrlHandler
FreeEnvironmentStringsW
GetCPInfo
GetTickCount
HeapReAlloc
SetLastError
GetProcAddress
GetCommandLineA
ReadFile
InterlockedDecrement
GetSystemTimeAsFileTime
GetStartupInfoW
QueryPerformanceCounter
GetDateFormatA
GetModuleHandleA
VirtualFree
lstrlenA
CompareStringW
WideCharToMultiByte
VirtualQuery
GetStringTypeA
GetLocaleInfoA
GetProcessHeap
CompareStringA
FreeEnvironmentStringsA
WriteFile
LCMapStringW
GetUserDefaultLCID
SetFilePointer
GetConsoleCP
SetEnvironmentVariableA
TlsAlloc
InterlockedIncrement
GetModuleFileNameA
RtlUnwind
GetEnvironmentStrings
UnhandledExceptionFilter
GetStartupInfoA
GetFileType
GetConsoleMode
HeapFree
HeapAlloc
GetOEMCP
CreateFileA
GetVersionExA
LoadLibraryW
GetDriveTypeA
GetStringTypeW
lstrcmpiW
GetACP
InitializeCriticalSection
IsValidCodePage
RaiseException
IsValidLocale
ExitProcess
GetTimeFormatA
EnumSystemLocalesA
IsDebuggerPresent

comdlg32

ChooseColorA

shell32

SheChangeDirExW
SHGetFileInfoW

comctl32

InitCommonControlsEx

user32

LoadMenuA
GetWindow
DdeReconnect
RegisterClassExA
SetClipboardData
CreatePopupMenu
SetScrollPos
GetMenuState
DrawTextExW
GetCursorPos
IsCharLowerW
SetDoubleClickTime
GetClassInfoExW
CopyRect
ReleaseDC
VkKeyScanExA
CopyIcon
GetWindowPlacement
ToUnicode
GetClassLongA
SwitchToThisWindow
MessageBoxW
RegisterClassA
MapVirtualKeyExA
LoadStringW
IsClipboardFormatAvailable
EndDeferWindowPos

Sections

.text
Size: 494KB - Virtual size: 493KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4fc9d7ca5440338e97c49e1e0af4b46a

Headers

File Characteristics

Imports

wininet

kernel32

comdlg32

shell32

comctl32

user32

Sections

.text Size: 494KB - Virtual size: 493KB

.rdata Size: 55KB - Virtual size: 68KB

.data Size: 107KB - Virtual size: 107KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 494KB - Virtual size: 493KB

.rdata
Size: 55KB - Virtual size: 68KB

.data
Size: 107KB - Virtual size: 107KB

.rsrc
Size: 11KB - Virtual size: 11KB