fbd11f25f471275364175d05a3b1694ce64b2dd80bbe63d241a4cbf8f4218b42

Sharing

Copy URL Twitter E-mail

General

Target

fbd11f25f471275364175d05a3b1694ce64b2dd80bbe63d241a4cbf8f4218b42
Size

544KB
MD5

93bee4d9164c3395e0234f152c49a168
SHA1

5a6485a8573b5a8567b20e6b9b98b19ad6c8863d
SHA256

fbd11f25f471275364175d05a3b1694ce64b2dd80bbe63d241a4cbf8f4218b42
SHA512

19e32487a52a55aef23cd252e318c1ffb5de3f2a69fb2b8749ab011d5d48dc487ec7aa1929e4a82afd1b5e23e7b238d35a76e9225f9e45594405d42eddb00a41
SSDEEP

3072:OqDkBvAUzkit8tqDkBcqDk/qDkBcqDk/qDkBcqDk/qDkBcqDk/qDkBcqDk/qDkBe:KFAU4S8DCpCpCpCpCpCpCpA

Score

N/A

Malware Config

Signatures

Files

fbd11f25f471275364175d05a3b1694ce64b2dd80bbe63d241a4cbf8f4218b42
.dll windows x86

fe2bcaedd5965ef4f0989fae545e7223

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetSystemDirectoryA
CloseHandle
CreateThread
IsBadReadPtr
GetCurrentThreadId
WaitForSingleObject
WideCharToMultiByte
Sleep
GetModuleHandleA
GlobalFree
GlobalAlloc
GetTickCount
InterlockedDecrement
GetLastError
MultiByteToWideChar
lstrlenA
LocalFree

ole32

CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal
CLSIDFromProgID
CoInitialize

oleaut32

SysAllocString
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysFreeString
VariantInit
VariantCopy
GetErrorInfo
SysStringLen
VariantClear

msvcrt

_CxxThrowException
_itoa
_adjust_fdiv
_initterm
_onexit
__dllonexit
mbstowcs
swprintf
rand
_ftol
??2@YAPAXI@Z
??3@YAXPAX@Z
__CxxFrameHandler
malloc
_snprintf
strncpy
free
strstr
atoi
wcscmp
??1type_info@@UAE@XZ

gdiplus

GdipGetImageEncodersSize
GdipDisposeImage
GdipCloneImage
GdipGetImageEncoders
GdipAlloc
GdiplusStartup
GdiplusShutdown
GdipFree
GdipLoadImageFromStream
GdipSaveImageToStream

Exports

Exports

GetModuleFileNameExA
GetModuleFileNameExW
capGetDriverDescriptionA
capGetDriverDescriptionW

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe2bcaedd5965ef4f0989fae545e7223

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

msvcrt

gdiplus

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 36KB

.data Size: 4KB - Virtual size: 2KB

.text Size: 4KB - Virtual size: 2KB

.data Size: 16KB - Virtual size: 14KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 36KB

.data
Size: 4KB - Virtual size: 2KB

.text
Size: 4KB - Virtual size: 2KB

.data
Size: 16KB - Virtual size: 14KB

.reloc
Size: 4KB - Virtual size: 1KB