f88a922aa3d82f03b4aace129150ef1878afb756cf5984faa46a54d70c9e1937

Sharing

Copy URL Twitter E-mail

General

Target

f88a922aa3d82f03b4aace129150ef1878afb756cf5984faa46a54d70c9e1937
Size

168KB
MD5

18d21ca7e013721e53a8428c378c51c0
SHA1

3846e32fa8217753eddef40c362fbf5cc0c23518
SHA256

f88a922aa3d82f03b4aace129150ef1878afb756cf5984faa46a54d70c9e1937
SHA512

18c9eaa22f27878c4dd53c48591253d27621f707c454afcb69a281b52d6280549f742be14396c7cf8a8b5dc7d20a8c23bf09c2920743c75231f2c387d00d2f01
SSDEEP

3072:ETHcgRNRnh9/PifMTHatKZ8lXn8BJ22QSDjzIk3A9ypFx:ccgRNRrXiUT6LN2vDRQ9ypF

Score

N/A

Malware Config

Signatures

Files

f88a922aa3d82f03b4aace129150ef1878afb756cf5984faa46a54d70c9e1937
.exe windows x86

0a5f4b8d3847716a6a8e83cd0c464509

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
lstrcpyA
lstrlenA
Sleep
GetTickCount
GetACP
CloseHandle
ReleaseMutex
DefineDosDeviceA
SetStdHandle
LCMapStringW
FlushFileBuffers
GetStringTypeW
GetStringTypeA
LCMapStringA
IsBadWritePtr
HeapReAlloc
MultiByteToWideChar
HeapAlloc
GetOEMCP
VirtualAlloc
SetFilePointer
GetLastError
GetCPInfo
RtlUnwind
HeapFree
WriteFile
LoadLibraryA
GetModuleHandleA
HeapCreate
HeapDestroy
CreateMutexA
OpenMutexA
GetStartupInfoA
VirtualFree
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
GetProcAddress
FreeLibrary
CreateFileA
DeviceIoControl
GetVersion
ExitProcess
FreeEnvironmentStringsA
GetCommandLineA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetModuleFileNameA

user32

LoadCursorA
ReleaseCapture
DispatchMessageA
TranslateMessage
GetMessageA
PostMessageA
UpdateWindow
ShowWindow
CreateWindowExA
GetSystemMetrics
RegisterClassExA
LoadStringA
LoadIconA
MessageBoxA
SetCapture
DefWindowProcA
SetTimer
ShowCursor
KillTimer
MoveWindow
GetDC
ReleaseDC
PostQuitMessage
wsprintfA
SetWindowTextA
DestroyWindow
BeginPaint
EndPaint
SetFocus
SendMessageA
InvalidateRect

gdi32

CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
SetPixel
CreatePen
GetStockObject
BitBlt
DeleteDC
DeleteObject
FillRgn
CreatePolygonRgn
GetTextExtentPoint32A
PatBlt
CreateDCA
GetDeviceCaps
SelectObject
MoveToEx
LineTo
TextOutA
GetTextMetricsA

advapi32

RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ktspzmb
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0a5f4b8d3847716a6a8e83cd0c464509

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

Sections

.text Size: 48KB - Virtual size: 48KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 40KB - Virtual size: 40KB

ktspzmb Size: - Virtual size: 4KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 40KB - Virtual size: 40KB

ktspzmb
Size: - Virtual size: 4KB

.rmnet
Size: 60KB - Virtual size: 60KB