ff0b05e4b5087903b939d9a39627f153770127b17927cc7cf0887c961ccb9a0b

Sharing

Copy URL Twitter E-mail

General

Target

ff0b05e4b5087903b939d9a39627f153770127b17927cc7cf0887c961ccb9a0b
Size

48KB
MD5

0b6394331da801ab54a22236413a9670
SHA1

b62e371e5403df4be0e31afe5251e3c414df2a92
SHA256

ff0b05e4b5087903b939d9a39627f153770127b17927cc7cf0887c961ccb9a0b
SHA512

c1d32800a43d78ae1d5bbedc701de73c586feefa17fa3a48c9ccc43b23d5669613389deb25e62e2a685abaf5163578bc18317c5bece285694e337a01b56d9c17
SSDEEP

768:0sTpu+t8ZLH8LS2oZQw7euTRrQXkiCzp5Ky9O5L5B+4gP9rPBtSXaziuKCEQ8peQ:pTtYcroqchNrTiCB9OF5utSxCEqJAF

Score

N/A

Malware Config

Signatures

Files

ff0b05e4b5087903b939d9a39627f153770127b17927cc7cf0887c961ccb9a0b
.exe windows x86

a4123ff4012490ba8e3a4f908abea330

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupCloseInfFile

urlmon

CopyBindInfo

user32

MessageBoxA

kernel32

HeapCreate
WaitForSingleObject
SetEvent
GetUserDefaultLCID
GetWindowsDirectoryA
EnterCriticalSection
LCMapStringW
FreeEnvironmentStringsA
FreeLibrary
HeapFree
lstrcpyA
VirtualAlloc
SetFilePointer
GetProcAddress
IsDBCSLeadByte
InterlockedIncrement
GetEnvironmentStrings
Beep
CreateFileA
VirtualProtect
GetACP
IsValidLocale
RaiseException
GetStringTypeA
VirtualQuery
WaitForMultipleObjects
FormatMessageA
LCMapStringA
LocalFree
DeleteCriticalSection
OutputDebugStringA
GetOEMCP
GetModuleFileNameA
DeleteFileA
SetFileAttributesA
InterlockedExchange
GetCurrentDirectoryW
EnumSystemLocalesA
SetStdHandle
WriteFile
GetSystemInfo
MultiByteToWideChar
InitializeCriticalSection
GetEnvironmentStringsW
SetThreadLocale
GetProcessHeap
LoadLibraryW
FreeEnvironmentStringsW
LeaveCriticalSection
LocalAlloc
GetLocaleInfoW
ReleaseMutex
GetLastError
WideCharToMultiByte
HeapDestroy
GetLocaleInfoA
GetStartupInfoA
CreateEventA
SetCurrentDirectoryW
SetLastError
lstrlenA
FlushFileBuffers
MapViewOfFile
GetCPInfo
HeapReAlloc
GetStringTypeW
LoadLibraryA
lstrcpynA
CloseHandle
IsValidCodePage
GetModuleHandleA
VirtualFree
GetThreadLocale
UnmapViewOfFile

ntdll

RtlUnwind

activeds

FreeADsMem

Sections

.textbss
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4123ff4012490ba8e3a4f908abea330

Headers

File Characteristics

Imports

setupapi

urlmon

user32

kernel32

ntdll

activeds

Sections

.textbss Size: - Virtual size: 1.3MB

.idata Size: 45KB - Virtual size: 45KB

.text Size: 512B - Virtual size: 424B

.reloc Size: 512B - Virtual size: 4B

.rsrc Size: 512B - Virtual size: 32B

.textbss
Size: - Virtual size: 1.3MB

.idata
Size: 45KB - Virtual size: 45KB

.text
Size: 512B - Virtual size: 424B

.reloc
Size: 512B - Virtual size: 4B

.rsrc
Size: 512B - Virtual size: 32B