26a9a881eb3bb9491ff268ee107c0030252291cecc69326b25e57e6eb591ef6b

Sharing

Copy URL Twitter E-mail

General

Target

26a9a881eb3bb9491ff268ee107c0030252291cecc69326b25e57e6eb591ef6b
Size

240KB
MD5

653ae6cf696d79428b78473de83134a3
SHA1

58206276e16fd2ac0a53a77935c6b092c89afe52
SHA256

26a9a881eb3bb9491ff268ee107c0030252291cecc69326b25e57e6eb591ef6b
SHA512

acc88443c2577b299226a0af25c09352729b9de13999b895a6c8a1fcadaaf628aeb5814c48800c65d5813b8eb637fc35a2145ca3e8fd09308dfcdc8ba4ea135a
SSDEEP

6144:l8d027b/1fiZRxIi4Jtr8a73poQ5000pWpVR/pRB:l8d0W4Rx94fvVxpbF

Score

N/A

Malware Config

Signatures

Files

26a9a881eb3bb9491ff268ee107c0030252291cecc69326b25e57e6eb591ef6b
.exe windows x86

fc4d31e9051b73f5c92ccacb80a24549

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

tosbtapi

BtFreePBTANALYZEDATTRLIST2
BtCancelDiscoverRemoteDevice
BtAnalyzeProtocolParameter2
BtDiscoverRemoteDevice2
BtAnalyzeServiceAttributeLists2
BtDiscoverRemoteName
BtServiceSearchAttribute2
BtGetRemoteClassOfDevice
BtMakeAttributeIDList2
BtGetRemoteDeviceList2
BtMakeServiceSearchPattern2
BtGetLocalInfo
BtGetLocalInfo2
BtCloseAPI
BtConnectSDP
BtNotifyEvent
BtGetLocalDeviceName
BtOpenAPI
BtSetAutoConnectCOMMState
BtSetAutoConnectCOMMInfo
BtRemoveRemoteDevice
BtAssignSCN
BtConnectCOMM2
BtCreateCOMM
BtMemFree
BtGetCOMMCreatorName2
BtGetCOMMInfoList2
BtDisconnectCOMM
BtNotifyCOMM
BtRemoveServiceRecord
BtFreeSCN
BtDestroyCOMM
BtAddServiceRecord
BtDisconnectSDP

kernel32

GetOEMCP
GetCPInfo
LoadLibraryA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameW
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
ExitProcess
InterlockedDecrement
SetLastError
InterlockedIncrement
HeapAlloc
WaitForMultipleObjects
IsBadCodePtr
CreateMutexW
ResetEvent
GetOverlappedResult
WriteFile
PeekNamedPipe
ConnectNamedPipe
GetCommModemStatus
GetTickCount
ClearCommError
WaitCommEvent
lstrlenW
Sleep
CreateEventW
IsValidCodePage
CreateFileW
SetEvent
SetThreadPriority
WaitForSingleObject
CancelIo
TerminateThread
DisconnectNamedPipe
CloseHandle
HeapFree
ReleaseMutex
GetCurrentThreadId
HeapSize
ExitThread
PurgeComm
SetCommMask
HeapValidate
SetCommState
ReadFile
GetProcessHeap
GetCommState
GetLastError
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
WideCharToMultiByte
GetProcAddress
GetModuleHandleW
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LCMapStringW
LCMapStringA
TlsFree
GetStringTypeW
GetStringTypeA
SetFilePointer
GetConsoleCP
GetConsoleMode
CreateThread
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
GetModuleFileNameA
GetStdHandle
RtlUnwind
RaiseException
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW

user32

DefWindowProcW
MsgWaitForMultipleObjects
PeekMessageW
DispatchMessageW
CharUpperBuffW
RegisterClassExW
GetMessageW
PostQuitMessage
PostMessageW
UnregisterClassW
UpdateWindow
ShowWindow
CreateWindowExW

advapi32

RegCloseKey
RegOpenKeyExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueExW

ole32

CoTaskMemFree
CLSIDFromString
StringFromCLSID

oleaut32

SysAllocStringByteLen
SysStringByteLen
VarBstrCmp
SysAllocStringLen
SysFreeString
SysAllocString
SysStringLen

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 114KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fc4d31e9051b73f5c92ccacb80a24549

Headers

File Characteristics

Imports

tosbtapi

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 91KB - Virtual size: 91KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 1KB - Virtual size: 1KB

.text Size: 114KB - Virtual size: 116KB

.text
Size: 91KB - Virtual size: 91KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 1KB - Virtual size: 1KB

.text
Size: 114KB - Virtual size: 116KB