0fb5b7788865fdb49d9c817c0b009c8c742f7c1c3309bab4cd87d994f1bd3dc2

Sharing

Copy URL Twitter E-mail

General

Target

0fb5b7788865fdb49d9c817c0b009c8c742f7c1c3309bab4cd87d994f1bd3dc2
Size

840KB
MD5

872c4fa15bc140c9c4d351f1ed1cceab
SHA1

a13365aad4bad0031410307dba425a58bc17c0ef
SHA256

0fb5b7788865fdb49d9c817c0b009c8c742f7c1c3309bab4cd87d994f1bd3dc2
SHA512

8335b36af9a5406715d9d39ff4919c1bc0282b4fecf4237cf8599e202109db776dfe69591f7562c67b5021ef72211ae18675aaa71b215724ffd4d2571f3b23ae
SSDEEP

12288:+EPZKgkzB/6G/3eMygDAQOc25Cnh0nnC/IYy5ZM+UAt6jC3Qms:xRFkB7/3eMVAV6H3qiln

Score

N/A

Malware Config

Signatures

Files

0fb5b7788865fdb49d9c817c0b009c8c742f7c1c3309bab4cd87d994f1bd3dc2
.exe windows x86

c412bc3d208971e1f9fcc4ea1156b47a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
CloseHandle
VirtualAlloc
VirtualProtect
VirtualFree
VirtualQuery
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
LoadLibraryA
CopyFileW

libcrypto-1_1

RSA_public_decrypt

msvcp120d

?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

msvcr120d

wcslen

mfc120ud

ord532

user32

ShowWindow

gdi32

SetBkMode

advapi32

RegCloseKey

shell32

SHBrowseForFolderW

comctl32

ord17

winhttp

WinHttpQueryDataAvailable

ole32

OleLockRunning

oleaut32

SysAllocString

winmm

PlaySoundW

libcompact

load

Sections

.text
Size: - Virtual size: 310KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vdata
Size: - Virtual size: 334KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vdata
Size: - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

..idata
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: - Virtual size: 447KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 308B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 335KB - Virtual size: 334KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c412bc3d208971e1f9fcc4ea1156b47a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

libcrypto-1_1

msvcp120d

msvcr120d

mfc120ud

user32

gdi32

advapi32

shell32

comctl32

winhttp

ole32

oleaut32

winmm

libcompact

Sections

.text Size: - Virtual size: 310KB

.rdata Size: - Virtual size: 117KB

.data Size: - Virtual size: 116KB

.vdata Size: - Virtual size: 334KB

.vdata Size: - Virtual size: 33KB

..idata Size: - Virtual size: 4KB

.text Size: - Virtual size: 447KB

.data Size: - Virtual size: 40KB

Size: 30KB - Virtual size: 30KB

.reloc Size: 512B - Virtual size: 308B

.rsrc Size: 335KB - Virtual size: 334KB

.text
Size: - Virtual size: 310KB

.rdata
Size: - Virtual size: 117KB

.data
Size: - Virtual size: 116KB

.vdata
Size: - Virtual size: 334KB

.vdata
Size: - Virtual size: 33KB

..idata
Size: - Virtual size: 4KB

.text
Size: - Virtual size: 447KB

.data
Size: - Virtual size: 40KB

.reloc
Size: 512B - Virtual size: 308B

.rsrc
Size: 335KB - Virtual size: 334KB