bf9d85d49a666ef6dafbea617426ce17435baf3512aa29bd895e92ccda14a073

General

Target

bf9d85d49a666ef6dafbea617426ce17435baf3512aa29bd895e92ccda14a073
Size

252KB
MD5

414a321fa86e24c65813e1d7b0dd39b0
SHA1

7d8e14538efe3f7e6644c806e5052f7c3de6366e
SHA256

bf9d85d49a666ef6dafbea617426ce17435baf3512aa29bd895e92ccda14a073
SHA512

43bcdae8b5f2b002b9f8965a2f4398b7390c1318da657db166b082b81ecb387a4617ec914ebfacfd240e9b4fa0836bed95282631d2eed0b0667f95150c97994c
SSDEEP

6144:Wg5NcM62v1/yVDPq8SsV9yvPV7c51t467AKP6y5:NWl2FyNPNSsVQv97c51tEK

Score

N/A

Malware Config

Signatures

Files

bf9d85d49a666ef6dafbea617426ce17435baf3512aa29bd895e92ccda14a073
.exe windows x86

8df1bec0e10ddec02a8e422af90a775e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxExA
GetForegroundWindow
ChildWindowFromPoint
SetWindowPos
IsWindow
GetWindowPlacement
SetWindowPlacement

advapi32

RegEnumValueA
SetTokenInformation
RegRestoreKeyA
RegSetValueA
RegConnectRegistryA
RegSetValueExA
RegDeleteKeyA

shlwapi

SHRegGetUSValueA
SHRegGetUSValueW
PathFindNextComponentW
PathRemoveBlanksA
PathAddBackslashA
PathRelativePathToA
PathMatchSpecW
PathQuoteSpacesA
PathIsSystemFolderW
StrRChrW
PathCombineW
StrPBrkW

kernel32

GetNumberFormatA
GetOEMCP
HeapAlloc
GetModuleHandleA
GetProcAddress
VirtualAllocEx
PulseEvent
HeapReAlloc
GetStartupInfoA
LocalFlags
GetStringTypeW
GetStringTypeA

credui

CredUIStoreSSOCredW
CredUIReadSSOCredW
CredUIParseUserNameA
CredUIParseUserNameW

winscard

SCardGetProviderIdA

msvcrt

__p__fmode
_exit
__set_app_type
_except_handler3
_controlfp
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
__p__commode
_adjust_fdiv
_XcptFilter

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 218KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8df1bec0e10ddec02a8e422af90a775e

Headers

File Characteristics

Imports

user32

advapi32

shlwapi

kernel32

credui

winscard

msvcrt

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 218KB - Virtual size: 217KB

.data Size: 512B - Virtual size: 376KB

.rsrc Size: 22KB - Virtual size: 22KB

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 218KB - Virtual size: 217KB

.data
Size: 512B - Virtual size: 376KB

.rsrc
Size: 22KB - Virtual size: 22KB