cb1b49e99fe313862fd3da55e220df890c0912cb3ce2e241f3c4be65b1499bca

Sharing

Copy URL Twitter E-mail

General

Target

cb1b49e99fe313862fd3da55e220df890c0912cb3ce2e241f3c4be65b1499bca
Size

83KB
MD5

0b0c71a3b2e58778074722ae8ec386ff
SHA1

9dfbf28a3bd9080049a59e7c3262a1610892e9f4
SHA256

cb1b49e99fe313862fd3da55e220df890c0912cb3ce2e241f3c4be65b1499bca
SHA512

ec6c5a9a9398f336b6444fece15e3849739674e92f73a094f71a5fee473bca2cefcb3ad56f22050df55d1791083784f73268ede3f936453aab0adc67f7520fac
SSDEEP

1536:n8xlHJPKAK/I91QgrBM+OsKY0+uk0PfB4aICw2W5WpB/PbRjIaPoezWFdsCBme:n8xlHkMlrBM+Ohj+n0h/FeOzHweye0me

Score

N/A

Malware Config

Signatures

Files

cb1b49e99fe313862fd3da55e220df890c0912cb3ce2e241f3c4be65b1499bca
.exe windows x86

0dfbbd86065af4ffa7cacb9b8520d420

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3
memset
_iob
_XcptFilter
calloc
atoi
malloc
fprintf
free
__p___initenv
abort
_adjust_fdiv
__setusermatherr
__p__commode
fflush
__p__fmode
__set_app_type
_strnicmp
_exit
_controlfp
getenv
_initterm
__getmainargs
fopen

kernel32

InterlockedExchange
GlobalLock
GetCurrentProcessId
GetSystemDefaultLCID
LocalFree
ExitProcess
GetCommandLineW
VirtualQuery
FlushFileBuffers
SetThreadLocale
DeviceIoControl
WideCharToMultiByte
VirtualProtectEx
GetModuleHandleW
GetTimeZoneInformation
GetProcAddress
GetProcessHeap
IsBadWritePtr
Sleep
InterlockedDecrement

gdi32

SetGraphicsMode
SetMapMode
CreateCompatibleDC
CreateICW
GetCurrentObject
PolyBezierTo
Escape
GdiFlush
SetMapperFlags
ExtTextOutW
GetTextAlign
EndPath

ole32

ProgIDFromCLSID
RegisterDragDrop
OleSetMenuDescriptor
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
OleSetClipboard
CoUninitialize
CoGetMalloc
CoFreeUnusedLibraries
OleGetClipboard
CoInitializeEx
CoTaskMemFree
CoDisconnectObject

advapi32

GetLengthSid
DeleteService
SetSecurityDescriptorDacl
OpenProcessToken
QueryServiceStatus
OpenThreadToken
CryptCreateHash
RegSetValueExW
OpenServiceW
RegQueryValueExW
ControlService

user32

EnumWindows
GetDlgItem
DialogBoxParamA
GetDCEx
KillTimer
GetMessageA
GetScrollInfo
DrawTextA
TrackPopupMenu
SetFocus
LoadIconA
GetSystemMetrics
CreatePopupMenu
CloseClipboard
GetParent
IntersectRect
GetWindow
GetScrollPos
LoadStringA

comctl32

ImageList_EndDrag
ImageList_GetImageCount
ImageList_DrawEx
DestroyPropertySheetPage
ImageList_Remove
CreatePropertySheetPageA
ImageList_DragEnter
ImageList_Create
ImageList_Destroy
ImageList_ReplaceIcon
ImageList_GetIconSize

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0dfbbd86065af4ffa7cacb9b8520d420

Headers

File Characteristics

Imports

msvcrt

kernel32

gdi32

ole32

advapi32

user32

comctl32

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 60KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 60KB

.rsrc
Size: 4KB - Virtual size: 4KB