0ba6462116a76a5a6191d8d3632308f04415f7de254ef9c06bfda5c45b8fed35

Sharing

Copy URL Twitter E-mail

General

Target

0ba6462116a76a5a6191d8d3632308f04415f7de254ef9c06bfda5c45b8fed35
Size

1.5MB
MD5

805da2ba3a49a6f60b9b33f4119921d5
SHA1

1c42fe86af45034db2ed225288b27ddece7047dc
SHA256

0ba6462116a76a5a6191d8d3632308f04415f7de254ef9c06bfda5c45b8fed35
SHA512

f6a3765af1ebe8dd1f40a75ecda091da938f3638f0c211d1c23f1295f4235760dd870891c7637a0e1a5c3b4442bbd6047ed3a13d42964ca768f64ae85bab6056
SSDEEP

24576:rjk7HzswvDXz4qWN0cjiTQVt9OKqUq/gk6wu+dTl:v41UvZmTQVzqMkcQ

Score

N/A

Malware Config

Signatures

Files

0ba6462116a76a5a6191d8d3632308f04415f7de254ef9c06bfda5c45b8fed35
.exe windows x86

3807d8f73c3261cad0cf91d275c63771

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
GetProcAddress
FindFirstFileW
FindNextFileW
FindClose
CreateFileW
GetTempFileNameW
CreateDirectoryW
GetModuleFileNameW
SetFileAttributesW
MoveFileW
lstrlenW
ExpandEnvironmentStringsW
WriteFile
SetFilePointer
GetTickCount
GetStartupInfoW
VerifyVersionInfoW
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
LoadLibraryA
GetOEMCP
GetStringTypeW
GetStringTypeA
GetCPInfo
VerSetConditionMask
LocalFree
GetCurrentProcess
TerminateProcess
GetExitCodeProcess
ReleaseMutex
WaitForSingleObject
OpenMutexW
GetLastError
CreateMutexW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetCurrentProcessId
MoveFileExW
DeleteFileW
CreateProcessW
CopyFileW
MultiByteToWideChar
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
RaiseException
DeleteCriticalSection
InitializeCriticalSection
GetLongPathNameW
GetTempPathW
CloseHandle
SetEvent
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
LCMapStringW
WideCharToMultiByte
LCMapStringA
VirtualQuery
GetSystemInfo
VirtualProtect
CreateEventW
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
GetFileAttributesW
TlsGetValue
TlsSetValue
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetModuleHandleA
GetSystemTimeAsFileTime
RtlUnwind
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
TlsAlloc
GetCurrentThreadId
TlsFree

shell32

SHGetFolderPathW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegDeleteValueW
OpenProcessToken
RegCreateKeyExW
RegSetValueExW
GetSidSubAuthorityCount
GetSidSubAuthority
ConvertSidToStringSidW
LookupAccountSidW
GetTokenInformation
RegCloseKey

ole32

CoCreateInstance
CoUninitialize
CoInitialize

shlwapi

SHDeleteKeyW
PathRemoveFileSpecW

Sections

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 952KB - Virtual size: 951KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 500KB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3807d8f73c3261cad0cf91d275c63771

Headers

File Characteristics

Imports

kernel32

shell32

version

advapi32

ole32

shlwapi

Sections

.text Size: 70KB - Virtual size: 70KB

.rdata Size: 21KB - Virtual size: 21KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 952KB - Virtual size: 951KB

.vmp0 Size: 500KB - Virtual size: 1.6MB

.text
Size: 70KB - Virtual size: 70KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 952KB - Virtual size: 951KB

.vmp0
Size: 500KB - Virtual size: 1.6MB