baeb068bdc61b5eba9bb0bb862057c15a787cde438c2d7b457b136950a803a6a

Sharing

Copy URL Twitter E-mail

General

Target

baeb068bdc61b5eba9bb0bb862057c15a787cde438c2d7b457b136950a803a6a
Size

34KB
MD5

5d7a7c4aecb9e5b5bd8ece37bd2fed36
SHA1

0cfe68ddc04990abc556c3207e55876dea1bf2e1
SHA256

baeb068bdc61b5eba9bb0bb862057c15a787cde438c2d7b457b136950a803a6a
SHA512

9503ee19f99b642e8c4a4b9bcc0ded743b64cadc653fc8fe39ae1310a70d194d4a0193d64dbac5dc3bd64834cc9e4b928462887cc7b8517ab20a93f1d826c054
SSDEEP

768:aRdWII1wvgj2rhbcaCri5IoZSA9cwf3MveTdX9l9YO:+TgSrFNCu5IoZSA9cwf3MveTdXj9d

Score

N/A

Malware Config

Signatures

Files

baeb068bdc61b5eba9bb0bb862057c15a787cde438c2d7b457b136950a803a6a
.exe windows x86

f9d0acf1d07a982c67d86a8ba1affa64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
DeregisterEventSource
GetTokenInformation
IsWellKnownSid
OpenProcessToken
RegisterEventSourceA
ReportEventA

setupapi

SetupRenameErrorA
SetupUninstallOEMInfA

kernel32

CloseHandle
CompareStringA
CompareStringW
CreateMutexA
CreatePipe
EnumSystemLocalesA
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstVolumeA
FindNextVolumeA
FindVolumeClose
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentThreadId
GetEnvironmentStringsA
GetEnvironmentStringsW
GetExitCodeProcess
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetLogicalDrives
GetOEMCP
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDirectoryA
GetSystemInfo
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetUserDefaultLCID
GetWindowsDirectoryA
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
MoveFileA
MultiByteToWideChar
PeekNamedPipe
QueryDosDeviceA
RaiseException
ReadFile
ResumeThread
RtlUnwind
SetEndOfFile
SetEnvironmentVariableA
SetFilePointerEx
SetFileTime
SetHandleCount
SetHandleInformation
SetLastError
SetProcessShutdownParameters
SetStdHandle
SetVolumeMountPointA
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
lstrlenW

user32

RegisterWindowMessageA

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
CreatePen
DeleteDC
DeleteObject
GetCurrentObject
GetDeviceCaps
GetObjectA
GetStockObject
GetTextExtentPoint32W
GetTextMetricsA
LineTo
MoveToEx
SelectObject
SetMapMode
SetStretchBltMode
StretchBlt

shell32

CommandLineToArgvW
DragAcceptFiles
DragFinish
DragQueryFileA
SHBrowseForFolderW
SHChangeNotify
SHGetFileInfoA
SHGetFolderPathA
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderPathA
Shell_NotifyIconA
Shell_NotifyIconW

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 253B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9d0acf1d07a982c67d86a8ba1affa64

Headers

File Characteristics

Imports

advapi32

setupapi

kernel32

user32

gdi32

shell32

Sections

.text Size: 10KB - Virtual size: 9KB

.idata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 253B

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 10KB - Virtual size: 9KB

.idata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 253B

.rsrc
Size: 19KB - Virtual size: 18KB