0c46c7fa44714b62597be0cea1869673d32e9825630ce5c5a275f23ba4189eb5

Sharing

Copy URL Twitter E-mail

General

Target

0c46c7fa44714b62597be0cea1869673d32e9825630ce5c5a275f23ba4189eb5
Size

216KB
MD5

a157a2dbf6e718b2f94d9eb3750c5835
SHA1

dbaffec604b3a3939c6f5540e02be2c62b665dbb
SHA256

0c46c7fa44714b62597be0cea1869673d32e9825630ce5c5a275f23ba4189eb5
SHA512

b94f30dde469383bfbc8c45abf8a62f7f0a008cda87529f3d644b3a3ea6fe7e2769e92d3d5858839cdea1f368a7eee6be4143775d6583f5b53a72b3fd7ee1608
SSDEEP

6144:PYIZPiBLj9jxxe0s7LZY6+pgqnxkVsHPuQWZgidRLTYD:BZCJja0s7NcJusH1WisRLkD

Score

N/A

Malware Config

Signatures

Files

0c46c7fa44714b62597be0cea1869673d32e9825630ce5c5a275f23ba4189eb5
.exe windows x86

bb863fb890331c25fed5faad502248e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerLanguageNameA
GetFileVersionInfoW
GetFileVersionInfoA
VerQueryValueW
VerFindFileW
VerQueryValueA

comdlg32

PrintDlgW
ChooseColorW
GetSaveFileNameW
PageSetupDlgW
ChooseFontW
ChooseFontA
GetSaveFileNameA
FindTextA
GetFileTitleW
GetFileTitleA
ChooseColorA
GetOpenFileNameA
PrintDlgExW
CommDlgExtendedError
PrintDlgA
FindTextW
GetOpenFileNameW
PageSetupDlgA

kernel32

GetVersion
IsBadWritePtr
ExitProcess
DeleteFileW
OutputDebugStringA
SetFileAttributesW
GetFileAttributesW
SetThreadPriority
OpenMutexW
Sleep
GetCurrentProcess
QueryPerformanceCounter
RaiseException
CloseHandle
ResetEvent
GetACP
GetStdHandle
GetTickCount
lstrcpyW
GetCommandLineA
OpenEventA
GetWindowsDirectoryW
WaitForSingleObject
GetProcessHeap
ResumeThread
CreateThread
CreateFileA
OpenMutexA
VirtualAlloc
GetCurrentProcessId
GetCurrentThreadId
GetThreadLocale
GetFileAttributesA
OutputDebugStringW
InitializeCriticalSection

rpcrt4

RpcRevertToSelf
NdrDllRegisterProxy
RpcEpResolveBinding
NdrOleFree
NdrStubCall2
CStdStubBuffer_DebugServerQueryInterface
RpcBindingSetAuthInfoExW
RpcBindingSetAuthInfoW
NdrStubForwardingFunction
NdrDllGetClassObject
CStdStubBuffer_Invoke
RpcServerUnregisterIf
UuidToStringA
NdrDllCanUnloadNow

msvcrt

isleadbyte
_snwprintf
__p__fmode
swscanf
wcspbrk
_ftol
strchr
swprintf
atol
_snprintf
strncpy
isalnum
_itoa
time
wcsncpy
_vsnwprintf
_except_handler3

shell32

SHGetDesktopFolder
DragQueryFileA
SHChangeNotify
SHBrowseForFolderW
SHGetPathFromIDListW
SHBrowseForFolderA
SHGetFileInfoW
SHGetFolderPathW
SHGetPathFromIDListA
ShellExecuteW
SHGetMalloc
SHFileOperationW
SHGetSpecialFolderLocation
CommandLineToArgvW
SHGetSpecialFolderPathW
ShellExecuteA
DragQueryFileW

user32

UnregisterClassA
IsWindowEnabled
EndPaint
GetForegroundWindow
IsChild
OffsetRect
PostMessageA
LoadIconA
DialogBoxParamA
IsWindow
EnumChildWindows
SystemParametersInfoA
MoveWindow
ExitWindowsEx
RegisterWindowMessageA
GetSubMenu
EndDialog
RegisterClassA
LoadIconW
SetWindowRgn
CheckMenuItem

shlwapi

PathIsURLW
PathFindExtensionA
StrToIntExW
SHSetValueW
StrTrimW
PathIsRootW
PathRemoveFileSpecA
StrChrW
StrRChrW
PathRemoveExtensionW
SHDeleteValueW
SHRegGetBoolUSValueW
PathAddBackslashW
PathCreateFromUrlW
UrlUnescapeW
StrCatBuffW
StrStrW
StrCmpIW
PathIsRelativeW
SHDeleteValueA
PathCombineW
PathRemoveBlanksW

Sections

.idata
Size: 512B - Virtual size: 483B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb863fb890331c25fed5faad502248e5

Headers

DLL Characteristics

File Characteristics

Imports

version

comdlg32

kernel32

rpcrt4

msvcrt

shell32

user32

shlwapi

Sections

.idata Size: 512B - Virtual size: 483B

.code Size: 193KB - Virtual size: 193KB

.tls Size: 512B - Virtual size: 492B

.edata Size: 512B - Virtual size: 224KB

.idata Size: 512B - Virtual size: 480B

.rsrc Size: 19KB - Virtual size: 19KB

.idata
Size: 512B - Virtual size: 483B

.code
Size: 193KB - Virtual size: 193KB

.tls
Size: 512B - Virtual size: 492B

.edata
Size: 512B - Virtual size: 224KB

.idata
Size: 512B - Virtual size: 480B

.rsrc
Size: 19KB - Virtual size: 19KB