cb0f583969676d67f970d2b9856ebc0d24b90bad33875ad83bd7b902d905f5b4

Sharing

Copy URL Twitter E-mail

General

Target

cb0f583969676d67f970d2b9856ebc0d24b90bad33875ad83bd7b902d905f5b4
Size

152KB
MD5

6be838f81eccfeb72a4f2a1e47216458
SHA1

3dc19711dab46f6b7b0f9ce43d130353ce82e1e7
SHA256

cb0f583969676d67f970d2b9856ebc0d24b90bad33875ad83bd7b902d905f5b4
SHA512

c1033881da149f67c603ce6cbda660868867a78e1e503cd47b9908ccd7b82a7c1c03e8a5a2779feaa0cba5fee727c552edfb164aa24bfc7716ff7f6964fef67a
SSDEEP

3072:Uze9j1pZRbs6CXPbcU6cni5tMcgP/5tF1PBQt3OCbA:mHfbXBcYtF1Ot3O

Score

N/A

Malware Config

Signatures

Files

cb0f583969676d67f970d2b9856ebc0d24b90bad33875ad83bd7b902d905f5b4
.exe windows x86

b067a51407e29284e470e00ef3bf6850

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHGetValueW
PathFileExistsW
StrCmpIW
SHSetValueW

wininet

InternetOpenUrlW
InternetOpenW
InternetCloseHandle

kernel32

SetLastError
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
MoveFileW
Process32NextW
WaitForSingleObject
CreateThread
SetEndOfFile
GetFileSize
WriteFile
TerminateProcess
FindFirstFileW
Sleep
CloseHandle
CopyFileW
MoveFileExW
ReadFile
SetFilePointer
FindNextFileW
CreateFileW
DeleteFileW
FindClose
GetLastError
OpenProcess
Process32FirstW
GetProcessId
CreateToolhelp32Snapshot
CreateDirectoryW
MultiByteToWideChar
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GetCurrentProcess
WriteConsoleA
SetStdHandle
LoadLibraryA
HeapReAlloc
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetSystemTimeAsFileTime
GetVersionExA
GetProcessHeap
GetStartupInfoW
RaiseException
RtlUnwind
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
InitializeCriticalSection
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

shell32

SHGetFolderPathW
CommandLineToArgvW

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b067a51407e29284e470e00ef3bf6850

Headers

File Characteristics

Imports

shlwapi

wininet

kernel32

shell32

Sections

.text Size: 72KB - Virtual size: 69KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 60KB - Virtual size: 60KB

.text
Size: 72KB - Virtual size: 69KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 60KB - Virtual size: 60KB