0b7b446b77fa75081abbd213555b6eec24de88577c00718c5783a7c6a4cd413d

Sharing

Copy URL Twitter E-mail

General

Target

0b7b446b77fa75081abbd213555b6eec24de88577c00718c5783a7c6a4cd413d
Size

175KB
MD5

09bcec70c2e2ddd205a979b72398653b
SHA1

4d498bccd1b20e0a4d828ff203a81669d94f15f7
SHA256

0b7b446b77fa75081abbd213555b6eec24de88577c00718c5783a7c6a4cd413d
SHA512

bbbba300cf2b579a5a3d5c534f585dd0aee209104cc81cd2c3e3af86d83a077de403dde37c428b8b6b21df69c463d1fa043b84a655b92d9c460ff7519add180f
SSDEEP

3072:Gz31vACyGOOwLA7JxzUxrRoxDZ6KJU5re48n6ZU0Mx7/pRBtzo:GzdACyO8A/YxVqZ7GCnUf+bpR

Score

N/A

Malware Config

Signatures

Files

0b7b446b77fa75081abbd213555b6eec24de88577c00718c5783a7c6a4cd413d
.exe windows x86

3feb58b2c4d93f368a2e693210ed590f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegSetValueExW
DecryptFileW
RegQueryValueExW
EncryptFileW
RegOpenKeyExW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyW
RegCloseKey

kernel32

GetModuleHandleW
UnhandledExceptionFilter
ExitProcess
MultiByteToWideChar
LocalAlloc
InterlockedExchange
GetCalendarInfoW
GetCurrentProcess
WaitForSingleObject
EncodePointer
GetProcAddress
ReleaseMutex
GetTickCount
Sleep
MapViewOfFile
OpenProcess
GetLogicalDriveStringsW
IsWow64Process
lstrcmpiW
UnmapViewOfFile
GetLastError
FreeLibrary
LocalFree
OutputDebugStringA
WideCharToMultiByte
lstrlenW
EnumResourceNamesA
EnterCriticalSection
LoadLibraryW
OutputDebugStringW
GetFileSizeEx
SetFileAttributesW
GetCurrentDirectoryW
QueryDosDeviceW
InterlockedCompareExchange
InitializeCriticalSection
GetModuleFileNameW
FindNextFileW
GetFileAttributesW
SetUnhandledExceptionFilter
VirtualQuery
SearchPathW
GetModuleHandleA
FindClose
GetProcessId
FindFirstFileW
GetSystemTimeAsFileTime
QueryPerformanceCounter
DuplicateHandle
SetLastError
GetFileInformationByHandle
CreateFileMappingW
GetCurrentThreadId
CreateDirectoryW
SetEnvironmentVariableW
VirtualProtect
CreateMutexW

gdiplus

GdipGetImageWidth
GdipDisposeImage

shlwapi

StrDupW
PathSkipRootW
SHRegGetValueW
PathGetArgsW
PathIsUNCW
PathFindFileNameW

user32

GetClassNameW
AllowSetForegroundWindow
GetGUIThreadInfo
GetWindowThreadProcessId
GetPropW
GetForegroundWindow

ole32

CoGetDefaultContext
StringFromGUID2
CoTaskMemAlloc
CoInitialize
CoUninitialize
CoTaskMemFree

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3feb58b2c4d93f368a2e693210ed590f

Headers

File Characteristics

Imports

advapi32

kernel32

gdiplus

shlwapi

user32

ole32

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 69KB - Virtual size: 68KB

.edata Size: 1024B - Virtual size: 92KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 69KB - Virtual size: 68KB

.edata
Size: 1024B - Virtual size: 92KB