bb5f1469a374c988309e52c01fddd54c05d7e226e6c255efc859165e72483762

Sharing

Copy URL Twitter E-mail

General

Target

bb5f1469a374c988309e52c01fddd54c05d7e226e6c255efc859165e72483762
Size

257KB
MD5

5c62c02a409b040726ed7dbc21f1f320
SHA1

0b95698d040c3c04710ffceaa8e6bbdb80684bc3
SHA256

bb5f1469a374c988309e52c01fddd54c05d7e226e6c255efc859165e72483762
SHA512

4ea888b29a4c9565b48abdb65aa64218e4472c8bf34782716bb4e74e34e5567a79ccb08970d511286c61989577596cfedf7ee22dd734f3b4283e9a3ed01e3354
SSDEEP

6144:WZTlnN3HxAhazaSK4QM5HTPmOFGOGt/HqixmyYVgGo5n:kUM5LFfG5dfl

Score

N/A

Malware Config

Signatures

Files

bb5f1469a374c988309e52c01fddd54c05d7e226e6c255efc859165e72483762
.exe windows x86

050afd4377373813224987acb5135daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupCloseInfFile
SetupCopyOEMInfW
SetupDiGetINFClassW
SetupGetInfFileListW
SetupOpenInfFileW
SetupUninstallOEMInfW
SetupGetLineTextW

ole32

CoUninitialize
StringFromGUID2
CoTaskMemFree
CoInitialize
CoInitializeEx
CoCreateInstance

user32

DispatchMessageW
GetMessageW
IsWindowUnicode
GetMessageA
MsgWaitForMultipleObjectsEx
PeekMessageW
DispatchMessageA
TranslateMessage

kernel32

VirtualAlloc
DeleteCriticalSection
VerSetConditionMask
CreateEventW
FlushFileBuffers
TlsGetValue
WriteConsoleA
CloseHandle
SetHandleCount
GetCurrentThreadId
ExitThread
OutputDebugStringW
GetConsoleCP
GetCommandLineW
GetSystemInfo
FreeLibrary
GetModuleHandleW
GetConsoleMode
LCMapStringA
SetUnhandledExceptionFilter
LCMapStringW
GetModuleHandleA
HeapDestroy
GetSystemDirectoryW
SizeofResource
ReadFile
DeleteFileW
VerifyVersionInfoW
GetFileType
InitializeCriticalSectionAndSpinCount
LoadResource
TerminateThread
LocalFree
RtlUnwind
UnhandledExceptionFilter
OpenProcess
GetConsoleOutputCP
FindResourceW
GetFileSize
EnterCriticalSection
WaitForMultipleObjects
lstrlenW
SetLastError
HeapFree
SetFilePointer
GetStdHandle
WriteFile
IsDebuggerPresent
HeapSize
LeaveCriticalSection
CreateThread
HeapReAlloc
WaitForSingleObject
GetSystemTimeAsFileTime
GetLocalTime
WriteConsoleW
GetACP
LoadLibraryExW
VirtualFree
GetOEMCP
GetProcessHeap
TlsSetValue
TlsAlloc
ResetEvent
FreeEnvironmentStringsW
CreateFileW
LockResource
IsValidCodePage
SetStdHandle
HeapAlloc
TlsFree
WideCharToMultiByte
ResumeThread
CreateFileA
RaiseException
SetFileAttributesW
FindResourceExW
GetFullPathNameA
VirtualAllocEx
LocalAlloc

shell32

SHGetFolderPathW
CommandLineToArgvW
SHGetSpecialFolderPathW

advapi32

RegEnumValueW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
TraceMessage
RegDeleteValueW

shlwapi

SHCopyKeyW
PathIsUNCServerW
PathStripPathW
SHDeleteKeyW
PathFileExistsW
PathAppendW
PathAddBackslashW
PathRemoveFileSpecW

dbghelp

MakeSureDirectoryPathExists
SymEnumerateSymbolsW
SymLoadModuleEx
ImageRvaToVa
SymGetSymNext
SymLoadModule64
SymGetTypeFromName
SymGetLineNext64
UnDecorateSymbolName
SymSetContext
SymGetModuleInfo
SymGetSymFromAddr64
EnumerateLoadedModules
SymGetSymPrev64

printui

PrinterPropPageProvider
DocumentPropertiesWrap
vDocumentDefaults

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.RSrv
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MoDk
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.IiUjAp
Size: 1024B - Virtual size: 929B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.OaRtLe
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.FGIB
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.JGVDv
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.FiyYSmH
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

050afd4377373813224987acb5135daa

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

ole32

user32

kernel32

shell32

advapi32

shlwapi

dbghelp

printui

Sections

.text Size: 97KB - Virtual size: 97KB

.RSrv Size: 2KB - Virtual size: 1KB

.MoDk Size: 4KB - Virtual size: 4KB

.IiUjAp Size: 1024B - Virtual size: 929B

.data Size: 6KB - Virtual size: 173KB

.rdata Size: 129KB - Virtual size: 128KB

.OaRtLe Size: 1KB - Virtual size: 1KB

.FGIB Size: 3KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 2KB

.JGVDv Size: 5KB - Virtual size: 4KB

.FiyYSmH Size: 3KB - Virtual size: 2KB

.text
Size: 97KB - Virtual size: 97KB

.RSrv
Size: 2KB - Virtual size: 1KB

.MoDk
Size: 4KB - Virtual size: 4KB

.IiUjAp
Size: 1024B - Virtual size: 929B

.data
Size: 6KB - Virtual size: 173KB

.rdata
Size: 129KB - Virtual size: 128KB

.OaRtLe
Size: 1KB - Virtual size: 1KB

.FGIB
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 2KB

.JGVDv
Size: 5KB - Virtual size: 4KB

.FiyYSmH
Size: 3KB - Virtual size: 2KB