8a0be81a887af3c33157ce2573e033cc760faac69bddfb63540bf6bd91bbec25

Sharing

Copy URL Twitter E-mail

General

Target

8a0be81a887af3c33157ce2573e033cc760faac69bddfb63540bf6bd91bbec25
Size

190KB
MD5

57875b03a1012674bedf605e99b0a1c0
SHA1

b1ae8525554aa914c600a700d2a016833af31014
SHA256

8a0be81a887af3c33157ce2573e033cc760faac69bddfb63540bf6bd91bbec25
SHA512

c2d30cecfdc4e57de36d14d3916628f486baa9ae53e9a7cf01b5d6489c804c9618cc5de1ff4baa28b9188e7e306a25c4604bce99e6a66102b3561b9012602625
SSDEEP

3072:XYBGUjDROuccJNZLw4/nWzeo6QpIMl94RwCdOGpYQkwJb6xLjB94Y3gFWE4Bm81:XCGUBOucQNlwozVkfB6OpWb65jB9TgF6

Score

N/A

Malware Config

Signatures

Files

8a0be81a887af3c33157ce2573e033cc760faac69bddfb63540bf6bd91bbec25
.exe windows x86

b24486a0f67049c50e90cce06e0f3d09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnlockFileEx
DeleteFileA
LockFileEx
GetModuleHandleA
GetTempPathA
InterlockedExchange
Sleep
InterlockedCompareExchange
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
GetProcAddress
FormatMessageA
LocalFree
FreeLibrary
WideCharToMultiByte
GetCurrentThread
GetFileAttributesA
CloseHandle
VirtualFree
ReadFile
WriteFile
CreateFileA
GetLastError
VirtualAlloc

advapi32

AccessCheck
GetFileSecurityA
RevertToSelf
ImpersonateSelf
OpenThreadToken
MapGenericMask

mpr

WNetAddConnection2A
WNetCancelConnection2A

user32

GetKeyboardLayout
IsCharAlphaNumericA
ClientToScreen
SetWindowLongW
SetWindowWord
DestroyCursor
KillTimer
DlgDirListW
DdeCreateDataHandle
SetWindowLongA
OpenDesktopW
EnumChildWindows
GetReasonTitleFromReasonCode
GetClipCursor
GetAltTabInfoA
InvertRect
GetKBCodePage
CreateDialogParamW
LoadStringW
DrawFrameControl
SwitchDesktop
PrivateExtractIconExW
CreateDialogIndirectParamW
GetWindowLongA
ChildWindowFromPoint
GetCapture
GetMenuItemInfoW
wsprintfW
SetCaretBlinkTime
ModifyMenuA
CharToOemA
RealGetWindowClass
CountClipboardFormats
TranslateMessageEx
LockWindowUpdate
DdeFreeDataHandle
MapWindowPoints
DdeQueryStringW
AdjustWindowRect
GetKeyboardLayoutList
GetWindowTextLengthW
IsCharUpperW
CharToOemW
DdeCreateStringHandleA
CreateDialogParamA
MapVirtualKeyExA
SetClassWord
EnterReaderModeHelper
SendInput
GetFocus
DestroyAcceleratorTable
EnumDisplayDevicesW
MessageBeep
SetClassLongA
BroadcastSystemMessageA
ClipCursor

msls31

LsCompressSubline
LsdnFinishDeleteAll
LsPointUV2FromPointUV1
LssbFIsSublineEmpty
LsdnSkipCurTab
LsAppendRunToCurrentSubline
LsdnQueryPenNode

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 155KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b24486a0f67049c50e90cce06e0f3d09

Headers

File Characteristics

Imports

kernel32

advapi32

mpr

user32

msls31

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 3KB - Virtual size: 5KB

.data Size: 155KB - Virtual size: 1.2MB

.bss Size: 8KB - Virtual size: 8KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 3KB - Virtual size: 5KB

.data
Size: 155KB - Virtual size: 1.2MB

.bss
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 5KB - Virtual size: 4KB