0bfbf4b24373fbde348d40d38c377184f373e916bbc61487da9341b14395e00e

General

Target

0bfbf4b24373fbde348d40d38c377184f373e916bbc61487da9341b14395e00e
Size

103KB
MD5

782efca1782b090a3585f22cfd5c09b0
SHA1

dc6b88fe309ed51dd9272c131b44cde177e26768
SHA256

0bfbf4b24373fbde348d40d38c377184f373e916bbc61487da9341b14395e00e
SHA512

60ddce1069fd0fe585c50acaafa07e526e8f1f51bf560c03fc2beda1774d175c5e2fdd8240ba7d1e6f108b1feb7f34082e0342122dd985f6287508684bca3b02
SSDEEP

1536:ZlC5BnzPLaHWE3pN6UWH7ICHoyJZr3i4Vr2jLHzoQ+/kG2DNfqnrR2yELB9RnL:ZlC5BzPmHJZdQlJZr3kz+/sNs4ya1n

Score

N/A

Malware Config

Signatures

Files

0bfbf4b24373fbde348d40d38c377184f373e916bbc61487da9341b14395e00e
.exe windows x86

863f860fac23348e22b855f54415a2e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathMakePrettyA
StrSpnA
StrStrA
PathIsRootW
ord29
PathIsSameRootW
PathIsFileSpecW
PathIsNetworkPathW

kernel32

GetFileAttributesW
SuspendThread
FindFirstVolumeW
FileTimeToLocalFileTime
GetDiskFreeSpaceExW
OpenEventW
GetCurrentDirectoryA
EnumResourceNamesA
SetFilePointer
lstrcpynA
SetErrorMode
FreeLibrary
CreateProcessW
SetWaitableTimer
GlobalAddAtomA
GetTickCount
GetCompressedFileSizeW
LoadLibraryW
GetConsoleMode
GetLocaleInfoW
Sleep
GetVersionExW
lstrcpynW
WriteConsoleW
GetBinaryTypeA
lstrlenW
FindNextVolumeMountPointW
GetProfileIntA
SetCurrentDirectoryA
GetStartupInfoA
GetProcAddress
ResetEvent
LoadLibraryA
LocalAlloc
CreateFileMappingW
SetCurrentDirectoryW
GetSystemInfo
GetModuleFileNameA

Exports

Exports

?SectionOutput@@YGGPAG@Z

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 84KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 5B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

863f860fac23348e22b855f54415a2e5

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 13KB

.data Size: 84KB - Virtual size: 203KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.itext Size: 512B - Virtual size: 192B

.pdata Size: 512B - Virtual size: 5B

.text
Size: 13KB - Virtual size: 13KB

.data
Size: 84KB - Virtual size: 203KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

.itext
Size: 512B - Virtual size: 192B

.pdata
Size: 512B - Virtual size: 5B