08bf05d728679779720b69dc64f00a3e0ff3944f81dbbb826ddd4468d22005bf

Sharing

Copy URL Twitter E-mail

General

Target

08bf05d728679779720b69dc64f00a3e0ff3944f81dbbb826ddd4468d22005bf
Size

183KB
MD5

6115ee67b497bcc04e525070f6af3271
SHA1

20f03b1466b345bb4b21d9822f9a8563930e4ff6
SHA256

08bf05d728679779720b69dc64f00a3e0ff3944f81dbbb826ddd4468d22005bf
SHA512

b3e2c53b2d932a31b452f52c94fa079ff7c7a2dc82210fef7a6bce756f40d3bc2c898f1a397eec846932f5f491101f0d84277367bff6fea27734966d12fd2718
SSDEEP

3072:F2mPpoqvMIbJ5CX3fPx+FepGwoAL2nA7PC21ycdHasBgadbdhL3R7TXbLaMzE:foDIbJ5CX3fPx5pBK921msBgadbdZ3pR

Score

N/A

Malware Config

Signatures

Files

08bf05d728679779720b69dc64f00a3e0ff3944f81dbbb826ddd4468d22005bf
.dll windows x86

9b9fb3f1b2e7496509fa9fd443c6e350

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GlobalLock
GlobalAlloc
FindFirstVolumeMountPointW
GlobalReAlloc
GlobalSize
FreeResource
SizeofResource
LockResource
LoadResource
FindResourceA
LocalAlloc
LocalFree
WideCharToMultiByte
ReadFile
WriteFile
SetFilePointer
GlobalHandle
IsDBCSLeadByte
GetModuleHandleA
VirtualProtect
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetProcessHeap
GetModuleHandleW
CreateProcessA
GetTempFileNameA
HeapFree
HeapAlloc
LoadLibraryW
InterlockedExchange
Sleep
InterlockedCompareExchange
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
GlobalFree
GlobalUnlock
RaiseException
ExitProcess
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery

user32

SetWindowLongA
DefWindowProcA
DestroyWindow
GetScrollPos
SetScrollRange
GetWindowLongA
GetParent
BringWindowToTop
GetScrollRange
UpdateWindow
ScrollWindow
SetScrollPos
GetClientRect
IntersectRect
OffsetRect
ShowCursor
MessageBeep
GetCapture
GetCursorPos
WindowFromPoint
SetCursor
SendMessageA
GetClassInfoExA

comctl32

PropertySheetA

comdlg32

GetOpenFileNameA
ChooseFontA
GetSaveFileNameA
CommDlgExtendedError

advapi32

RegQueryValueExW
RegEnumValueA
RegSetValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyExW

ole32

OleUninitialize
BindMoniker
CoCreateInstance
OleInitialize
CoGetMalloc
StringFromGUID2

shlwapi

wnsprintfA

oleaut32

DispGetIDsOfNames
DispGetIDsOfNames
VarUI4FromDec
SetErrorInfo

Sections

.text
Size: 129KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 314B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b9fb3f1b2e7496509fa9fd443c6e350

Headers

File Characteristics

Imports

kernel32

user32

comctl32

comdlg32

advapi32

ole32

shlwapi

oleaut32

Sections

.text Size: 129KB - Virtual size: 137KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 48KB - Virtual size: 48KB

.reloc Size: 512B - Virtual size: 314B

.text
Size: 129KB - Virtual size: 137KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 48KB - Virtual size: 48KB

.reloc
Size: 512B - Virtual size: 314B