a40bc16ce3324a09b6c5ab679185b96febcf9d404fefd5f3c1ebd127fec26e5d

Sharing

Copy URL Twitter E-mail

General

Target

a40bc16ce3324a09b6c5ab679185b96febcf9d404fefd5f3c1ebd127fec26e5d
Size

152KB
MD5

937a0f94f5938d5dd9494f5313dc5610
SHA1

53f97c82be5cc25534148b9450054587bed3f268
SHA256

a40bc16ce3324a09b6c5ab679185b96febcf9d404fefd5f3c1ebd127fec26e5d
SHA512

81055de1a626d3448d8a9e61b5aad9fd2542046388be5d776a5affebaf879882fa8a3f900e501ddd0e4b1af60c68f4abde58f9f06545340c06967eea95e1e95e
SSDEEP

3072:2QesUPlld+S87tmsnZCMi926D6exRxE/PEg6:2tsed+S87vCm61xXTv

Score

N/A

Malware Config

Signatures

Files

a40bc16ce3324a09b6c5ab679185b96febcf9d404fefd5f3c1ebd127fec26e5d
.dll windows x86

c0b12f196a4308e25bf2a2481169ca50

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
lstrlenW
GetVersionExW
GetLastError
EnterCriticalSection
ChangeTimerQueueTimer
InitializeCriticalSection
DeleteCriticalSection
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
CloseHandle
CreateTimerQueueTimer
HeapDestroy
HeapCreate
DeleteTimerQueueEx
DisableThreadLibraryCalls
lstrlenA
GetTickCount
WaitForSingleObject
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GlobalFree
ResetEvent
GlobalAlloc
SetLastError
SetEvent
CreateEventA
GetCurrentProcessId
DeleteFileW
OutputDebugStringW
IsBadCodePtr
GetCalendarInfoA
GetModuleFileNameA
lstrcpynW
lstrcmpW
QueryPerformanceCounter
MulDiv
IsBadReadPtr
IsBadWritePtr
CreateTimerQueue
LeaveCriticalSection

user32

GetWindowTextA
GetDlgItem
SetWindowTextA
RegisterClassA
CreateWindowExA
ShowWindow
GetDC
ReleaseDC
IsRectEmpty
OpenIcon
wsprintfW
GetWindowLongW
SetWindowLongW
MoveWindow
DestroyWindow
DefWindowProcW
LoadStringW
GetWindowRect
GetDesktopWindow
KillTimer
SetRect

advapi32

RegDeleteKeyW
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExW
RegOpenKeyExW
RegSetValueExA

ole32

CoUninitialize
StringFromGUID2
CoTaskMemFree
CoFreeUnusedLibraries
CoTaskMemAlloc

msvcrt

memset
free
malloc
sprintf
printf

shlwapi

PathFindExtensionA

Exports

Exports

DescribedA
TimeCase

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 346B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0b12f196a4308e25bf2a2481169ca50

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

shlwapi

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 54KB

.idata Size: 4KB - Virtual size: 346B

.reloc Size: 4KB - Virtual size: 1KB

.rdata Size: 44KB - Virtual size: 40KB

.data Size: 36KB - Virtual size: 201KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 56KB - Virtual size: 54KB

.idata
Size: 4KB - Virtual size: 346B

.reloc
Size: 4KB - Virtual size: 1KB

.rdata
Size: 44KB - Virtual size: 40KB

.data
Size: 36KB - Virtual size: 201KB

.reloc
Size: 4KB - Virtual size: 1KB