f12bfbb764b7560a95c1b86098b70efc0c1a1438289bf1649ddc93e589e2d88c

Sharing

Copy URL Twitter E-mail

General

Target

f12bfbb764b7560a95c1b86098b70efc0c1a1438289bf1649ddc93e589e2d88c
Size

92KB
MD5

00b350f5cf1da98c1f2f82d0f7dba690
SHA1

bc3f35aabd8b052dc8c9843eace69beb252c146e
SHA256

f12bfbb764b7560a95c1b86098b70efc0c1a1438289bf1649ddc93e589e2d88c
SHA512

c8a819be93c7706296397d50ba11b7e03dffcca0534d8c35a7a9c0a8096bc2b4a91ae842ec87ac363f792a02d4892140a89c9ed6d23ea4e72bbcdfb892d8921c
SSDEEP

1536:gDtjJtUDlMNA9V7UDxlToFK2/PPpwS9mV/mKgLzgoZykoD66D7qHd8C:ghjJtUZKxxoFK2/nr+9agSTNd

Score

N/A

Malware Config

Signatures

Files

f12bfbb764b7560a95c1b86098b70efc0c1a1438289bf1649ddc93e589e2d88c
.dll windows x86

a1d68d08f96db176440ba670690c260f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
DeleteFileA
ExitProcess
ExitThread
GetACP
GetCommandLineA
GetLastError
GetModuleHandleA
GetOEMCP
GetPrivateProfileStringA
GetStartupInfoA
GetSystemTimeAsFileTime
HeapAlloc
InterlockedIncrement
MapViewOfFile
OpenFileMappingA
RtlUnwind
SetLastError
lstrcmpA

advapi32

RegEnumKeyA
RegLoadKeyA
RegOpenKeyExA
RegQueryValueA
RegCloseKey

wininet

InternetReadFile
InternetWriteFile
InternetSetStatusCallbackA
InternetSetOptionExA
InternetQueryDataAvailable
InternetOpenA
InternetGetLastResponseInfoA
InternetGetCookieA
InternetCrackUrlA
InternetConnectA
InternetCloseHandle
InternetCanonicalizeUrlA
HttpSendRequestA
HttpQueryInfoA
HttpOpenRequestA
HttpAddRequestHeadersA
InternetSetFilePointer

user32

ShowCursor
RegisterClassA
MessageBoxA
MessageBeep
LoadMenuA
CreateDesktopW
LoadCursorFromFileA
LoadAcceleratorsW
GetMenu
DrawCaption
DefDlgProcA

shell32

ShellExecuteExW
SHFileOperationA
SHBindToParent
SHGetFileInfoA
SHGetMalloc
SHGetPathFromIDListA
ShellExecuteA
ShellExecuteExA
Shell_NotifyIconA
ShellExecuteW
SHGetDesktopFolder

shlwapi

PathCompactPathExA
PathIsRootA
PathMatchSpecA
PathQuoteSpacesA
PathFindFileNameA
StrStrIA
PathCanonicalizeA

imm32

ImmGetContext
ImmReleaseContext
ImmSetCompositionFontA
ImmGetCompositionStringW
ImmSetCompositionWindow

msvcrt

_except_handler3
memset
strchr
strlen
getenv
__dllonexit

Exports

Exports

Cbptleixuo
Ownrwuhbv
Rac
Ratxbuac

Sections

.text
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1d68d08f96db176440ba670690c260f

Headers

File Characteristics

Imports

kernel32

advapi32

wininet

user32

shell32

shlwapi

imm32

msvcrt

Exports

Exports

Sections

.text Size: 31KB - Virtual size: 32KB

.rdata Size: 22KB - Virtual size: 24KB

.data Size: 4KB - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.rsrc Size: 30KB - Virtual size: 32KB

.text
Size: 31KB - Virtual size: 32KB

.rdata
Size: 22KB - Virtual size: 24KB

.data
Size: 4KB - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 30KB - Virtual size: 32KB