ff896bad748faae3db2b5d37f860d2272234337fafed21c71d8bc33ff6e49a2a

Sharing

Copy URL Twitter E-mail

General

Target

ff896bad748faae3db2b5d37f860d2272234337fafed21c71d8bc33ff6e49a2a
Size

433KB
MD5

83ec780fad8015040ec823ecf9823aa0
SHA1

4f32fe6c78b7c83d106b90fccdbe4105eafd7623
SHA256

ff896bad748faae3db2b5d37f860d2272234337fafed21c71d8bc33ff6e49a2a
SHA512

914d9f3fad78840241f0d0d508c2cd9dcd58fc05b6682870949712f7abdfeea7eaafcce625236d6f264cf8afad96a7744fa0e894b5548d7de4decc7d72b97499
SSDEEP

1536:7WNmDv+NjsPbYuUlnJkJT5LsQHUdZCFSNurlQ1nJ7/2Alw06MgocOJ:7WNsGN4bY1OZ5LsJLNV9Jz26w4

Score

N/A

Malware Config

Signatures

Files

ff896bad748faae3db2b5d37f860d2272234337fafed21c71d8bc33ff6e49a2a
.exe windows x86

c04b96b33c132a82fa05fba77bcea277

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileTime
GetSystemTimeAsFileTime
GetModuleHandleA
GetVersion
CreateToolhelp32Snapshot
MoveFileExA
DuplicateHandle
CreateFileW
HeapValidate
GetProcAddress
GetCommandLineW
GetCurrentProcess
GetModuleFileNameA
CreateFileW
WriteProcessMemory
OpenProcess
LCMapStringA
MoveFileW
ReadProcessMemory
GetLogicalDrives
LocalReAlloc
GetSystemInfo
GetQueuedCompletionStatus
CreateDirectoryW
LoadLibraryA
ExitProcess
GetSystemDirectoryW
HeapSize
GetCurrentProcessId
GlobalMemoryStatus
LoadModule
GetCommandLineA
Process32Next
CloseHandle
CreateEventW
GetSystemDirectoryA
FreeEnvironmentStringsA
MulDiv
Process32First

user32

UpdateWindow
ShowWindow
DrawEdge
DeferWindowPos
DialogBoxIndirectParamW
TranslateMessage
DefWindowProcA
DrawFrameControl
GetDlgItem
GetKeyboardLayout
CreateWindowExA
DispatchMessageA
CopyAcceleratorTableW
EnumDisplayDevicesW
CreateDialogIndirectParamW
ExitWindowsEx
CharToOemBuffA
DrawTextA
GetClientRect
GetMessageA
GetCaretBlinkTime
RegisterClassExA

advapi32

CreateProcessAsUserW
QueryServiceStatus
CryptCreateHash
GetFileSecurityW
CryptGetProvParam
CryptDeriveKey
CreateServiceW
RegConnectRegistryW
RegEnumKeyExW

shell32

PifMgr_CloseProperties
DllInstall
SheGetDirA
InternalExtractIconListW
PathYetAnotherMakeUniqueName
SHEnumerateUnreadMailAccountsW
SHBrowseForFolder
Control_RunDLLW
ReadCabinetState
IsNetDrive
ShellMessageBoxA
CDefFolderMenu_Create2
SHCreateShellItem
ExtractAssociatedIconW
SHGetDiskFreeSpaceA
FindExecutableA
InternalExtractIconListA
FreeIconList
Options_RunDLLA

gdi32

DeleteMetaFile
Rectangle
ArcTo
GetMetaFileBitsEx
Chord
CreatePenIndirect
CreateDIBSection
CreateFontA
GetDeviceCaps
EnumFontFamiliesExW
CombineRgn
GetCurrentObject
PlgBlt
CreateFontIndirectW
GetWorldTransform
SelectObject

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 324KB - Virtual size: 324KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c04b96b33c132a82fa05fba77bcea277

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

gdi32

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 324KB - Virtual size: 324KB

.idata Size: 88KB - Virtual size: 88KB

.rdata Size: 4KB - Virtual size: 4KB

.aspack Size: 4KB - Virtual size: 4KB

.adata Size: 4KB - Virtual size: 32KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 324KB - Virtual size: 324KB

.idata
Size: 88KB - Virtual size: 88KB

.rdata
Size: 4KB - Virtual size: 4KB

.aspack
Size: 4KB - Virtual size: 4KB

.adata
Size: 4KB - Virtual size: 32KB