55c2cd19cf29c98ec564df859e02881156b12918c1114c3e9effb7b5d5061ff9

Sharing

Copy URL Twitter E-mail

General

Target

55c2cd19cf29c98ec564df859e02881156b12918c1114c3e9effb7b5d5061ff9
Size

185KB
MD5

0b4c7145a1dc5654c1bd4f38efa9db20
SHA1

2181c3c452de7f11f404e61e1322d3b6c1c102e0
SHA256

55c2cd19cf29c98ec564df859e02881156b12918c1114c3e9effb7b5d5061ff9
SHA512

fceb19f53f68b7be0f67bbfd1ae5b2020090967016536266ab30be8740eb98f892fcb8f4fc29eea0a1c071b12f6e5947dbd7221856dd6ecff1fe04b29423b948
SSDEEP

3072:jaivFz99eME+T7/RJttz7j0iZALLgV51mDrsxaNs/DJ:3vFh9D7/RZwsmsxaNoDJ

Score

N/A

Malware Config

Signatures

Files

55c2cd19cf29c98ec564df859e02881156b12918c1114c3e9effb7b5d5061ff9
.exe windows x86

0bb7df82b9f003125f10c8add3ad2ea4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dbtool9

ord139
ord140
ord158

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

kernel32

GetDriveTypeA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
IsBadReadPtr
MultiByteToWideChar
GetACP
GetSystemDefaultLangID
IsDBCSLeadByte
GetModuleFileNameA
VirtualQuery
GetSystemDirectoryA
GetWindowsDirectoryA
GetOEMCP
WideCharToMultiByte
GetProcAddress
GetModuleHandleA
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
FlushFileBuffers
SetEndOfFile
GetLastError
SetFilePointer
LoadLibraryA
SetErrorMode
FreeLibrary
GetVersion
GetCurrentProcess
GetEnvironmentVariableA
GetCommandLineA
GetVersionExA
ExitProcess
TerminateProcess
GetFileAttributesA
CloseHandle
GetFileType
CreateFileA
SetStdHandle
ReadFile
WriteFile
SetEnvironmentVariableA
GetCurrentDirectoryA
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
TlsFree
SetLastError
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapSize
LCMapStringA
LCMapStringW
GetCPInfo
GetFullPathNameA
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
RtlUnwind
VirtualProtect
GetSystemInfo
CompareStringA
CompareStringW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId

user32

LoadStringA
IsCharAlphaA
CharLowerA
CharToOemA
OemToCharA
MessageBoxA
LoadStringW
CharUpperA

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0bb7df82b9f003125f10c8add3ad2ea4

Headers

File Characteristics

Imports

dbtool9

advapi32

kernel32

user32

Sections

.text Size: 68KB - Virtual size: 64KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 80KB - Virtual size: 80KB

.text
Size: 68KB - Virtual size: 64KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 80KB - Virtual size: 80KB