b5cc85f85b55780e3bf3388ae071a4194cf9cc90108d3fbb9e07091daad7e39f

Sharing

Copy URL

Twitter E-mail

General

Target

b5cc85f85b55780e3bf3388ae071a4194cf9cc90108d3fbb9e07091daad7e39f
Size

132KB
MD5

07cde9177d9ba28f9834ce020cbd0e40
SHA1

e1faf0e45ae1088da558766d0b803fff80c789d5
SHA256

b5cc85f85b55780e3bf3388ae071a4194cf9cc90108d3fbb9e07091daad7e39f
SHA512

15437f5556ed80826cd0b412d2ef0d1c6dca9b0a46055d8712d157ab6c5d657b818bd49c63c8110d3838110111594def8bd39187a7fe67d306016585012be980
SSDEEP

3072:LyXd/TziKyzZrT+gl8rv9OuoZZzq6SDADeak7dJHB/AdG7:uXdzyVf+g6rg5zJSsQLH5AdW

Score

N/A

Malware Config

Signatures

Files

b5cc85f85b55780e3bf3388ae071a4194cf9cc90108d3fbb9e07091daad7e39f
.exe windows x86

7292e2f6de943a7978873025105d1259

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetExitCodeProcess
WaitForSingleObject
CreateFileMappingA
CreateMutexA
FormatMessageA
CreateProcessA
UnmapViewOfFile
GetVolumeInformationA
MapViewOfFileEx
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
CreateEventA
WaitForMultipleObjects
FindFirstFileA
RtlUnwind
HeapAlloc
CompareStringA
CompareStringW
GetStringTypeW
GetStringTypeA
SetStdHandle
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadCodePtr
GetFileType
GetStdHandle
FlushFileBuffers
GetEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
FreeEnvironmentStringsA
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetACP
GetCPInfo
GetOEMCP
VirtualAlloc
VirtualFree
IsBadWritePtr
ExitProcess
HeapDestroy
LCMapStringW
HeapCreate
FindNextFileA
TerminateProcess
MultiByteToWideChar
FindClose
SetFilePointer
SetEndOfFile
GetFileSize
ReadFile
DeleteFileA
GetLastError
WideCharToMultiByte
WriteFile
SetEnvironmentVariableA
GetDriveTypeA
CloseHandle
CreateFileA
HeapReAlloc
GetVersion
HeapSize
LCMapStringA
GetCurrentDirectoryA
GetFullPathNameA
GetCommandLineA
SetCurrentDirectoryA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapFree
GetModuleHandleA
GetStartupInfoA

user32

UpdateWindow
PostQuitMessage
CreateDialogParamA
SetForegroundWindow
ShowWindow
GetDlgItem
DestroyWindow
SendMessageA
InvalidateRect
GetClientRect
ExitWindowsEx
PostThreadMessageA
SetWindowTextA
PeekMessageA
GetMessageA
LoadStringA
DialogBoxParamA
TranslateMessage
DispatchMessageA
SendDlgItemMessageA
EndDialog
MessageBoxA
BeginPaint
ReleaseDC
EndPaint
GetDC

gdi32

SelectPalette
SelectObject
DeleteObject
CreateDIBitmap
RealizePalette
CreatePalette
DeleteDC
StretchBlt
SetStretchBltMode
GetObjectA
CreateCompatibleDC

advapi32

OpenProcessToken
LookupPrivilegeValueA
RegCloseKey
RegQueryValueExA
RegSetValueExA
AdjustTokenPrivileges
RegCreateKeyExA
RegOpenKeyExA

shell32

ShellExecuteA

comctl32

ord17

Exports

Exports

?CDAPFN0506_SendProtectMessage@@3UCDAPFN_PROPERTIES@@A
?PatchCallBack@@YGPAXIPAX@Z

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7292e2f6de943a7978873025105d1259

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 48KB - Virtual size: 45KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 48KB - Virtual size: 45KB