0b29b28551f92f0313a74c160efe25a6c3b93b3441df6cf3f809c560f496a60b

Sharing

Copy URL

Twitter E-mail

General

Target

0b29b28551f92f0313a74c160efe25a6c3b93b3441df6cf3f809c560f496a60b
Size

143KB
MD5

905490e86ed0dcd5ab3bcfaa0354b211
SHA1

7bfcb68cfa52e753a0619fd202ca58b4671dc9ae
SHA256

0b29b28551f92f0313a74c160efe25a6c3b93b3441df6cf3f809c560f496a60b
SHA512

c0926a9554bd03a849752059da4cf89758ba58e47e8de87c6615ae342a5d324e3bcf44863d90bd40ada56b77dacd87d4b615be8fe3ad9e488a5ec69f3c5238e6
SSDEEP

3072:/jinF0H62Wi/PHZK4qsowk/XXGLhIMQUl8oI:/jiA62pdqzwKnihIMP1

Score

N/A

Malware Config

Signatures

Files

0b29b28551f92f0313a74c160efe25a6c3b93b3441df6cf3f809c560f496a60b
.exe windows x86

2be2dbf064d3b71d26f35f0429c80189

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
CreateFileW
lstrcmpW
CreateEventW
DeleteCriticalSection
LoadLibraryW
HeapReAlloc
WritePrivateProfileSectionA
GlobalAlloc
GetProcAddress
GetProcessHeap
GetTempPathA
SetHandleCount
VirtualProtect
VirtualFree
GlobalSize
WaitForSingleObject
GetDriveTypeW
WritePrivateProfileSectionW
SetErrorMode
GetNumberFormatW
CreateEventA
LocalFileTimeToFileTime
lstrcpyW
GetComputerNameA
SystemTimeToFileTime
GetModuleHandleA
ExitThread
ReleaseMutex
DeleteFileW
OutputDebugStringW
GetVersionExA
FormatMessageW

msvcrt

_exit
memmove
strerror
rand
_controlfp
_CxxThrowException
wcstok
_onexit
_wcmdln
fprintf
malloc
__setusermatherr
wcsrchr
memset
_wcsnicmp
exit

user32

UnregisterClassW
CopyRect
RegisterWindowMessageW
SetDlgItemInt
DrawTextW
DrawEdge
GetMessageW
IntersectRect
SystemParametersInfoA
GetProcessWindowStation
GetSystemMenu
RegisterClassW
LoadCursorW
MsgWaitForMultipleObjects
FrameRect
SetWindowTextA
CreateDialogParamW
FillRect
PostThreadMessageW
IsWindowEnabled
PostMessageW
DefDlgProcW
wsprintfA
EnableWindow
SendDlgItemMessageW

gdi32

CreateRoundRectRgn
Rectangle
SelectObject
DeleteDC
DeleteObject
CreateCompatibleDC
GetObjectA
ExtTextOutW
CreateCompatibleBitmap
GetTextMetricsW
SelectPalette
GetTextExtentPointW
RealizePalette
SetStretchBltMode
GetRegionData
CreatePen
StretchBlt
SetTextAlign
SetWindowExtEx
CreateBitmap
MoveToEx

tapi32

lineAddProviderW
tapiRequestMediaCallA
phoneGetLamp
MMCInitialize
lineGetIDW
lineSetAgentMeasurementPeriod
phoneShutdown
lineCompleteCall

Exports

Exports

FfdYpvvdxuJgkqeuxJfqxQx
DrrOzvb
StquAiehPztqgumUg

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 138B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2be2dbf064d3b71d26f35f0429c80189

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

tapi32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 3KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 36B

.data Size: 51KB - Virtual size: 51KB

.edata Size: 39KB - Virtual size: 38KB

.rsrc Size: 33KB - Virtual size: 33KB

.reloc Size: 512B - Virtual size: 138B

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 3KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 36B

.data
Size: 51KB - Virtual size: 51KB

.edata
Size: 39KB - Virtual size: 38KB

.rsrc
Size: 33KB - Virtual size: 33KB

.reloc
Size: 512B - Virtual size: 138B