20bda4b614fd768be31822ec53e94b760bab5bd3e02121d1189203b63b58ec79

Sharing

Copy URL Twitter E-mail

General

Target

20bda4b614fd768be31822ec53e94b760bab5bd3e02121d1189203b63b58ec79
Size

228KB
MD5

46d55058e9b3db8736ef5273dfb2e16c
SHA1

65239256e1f7ca076a0492a31c8f7e274bdd9c25
SHA256

20bda4b614fd768be31822ec53e94b760bab5bd3e02121d1189203b63b58ec79
SHA512

34758201f897d390ff9ab98c8e5a34e4b5bd16b8e1f4742dc637799ca8c95599a983f28b223ac6c47621b925c0ab38ed2dde052b89735dbac04c23ab8899b8ff
SSDEEP

6144:Nk0URyA2nY8YvirSijAzw4OqnN2WwU8oFG:Nk/RyA2nAvAvjAXqWG

Score

N/A

Malware Config

Signatures

Files

20bda4b614fd768be31822ec53e94b760bab5bd3e02121d1189203b63b58ec79
.exe windows x86

b4d6c325e3a9c1d870d5ff7757acd7e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetActiveWindow
SetWindowLongA
PostMessageA
DrawFrameControl
TrackPopupMenu
FillRect
AppendMenuA
GetFocus
GetCursorPos
GetMessageA
CallWindowProcA
GetClassInfoExA
GetWindowTextLengthA
GetKeyNameTextA
RegisterClassExA
SetFocus
IsDialogMessageA

winhttp

WinHttpSendRequest
WinHttpSetCredentials
WinHttpSetDefaultProxyConfiguration
WinHttpReceiveResponse
WinHttpSetStatusCallback
WinHttpSetTimeouts
WinHttpTimeFromSystemTime
WinHttpTimeToSystemTime
WinHttpReadData
WinHttpQueryOption
WinHttpQueryHeaders
WinHttpQueryDataAvailable
WinHttpQueryAuthSchemes
WinHttpOpenRequest
WinHttpOpen
WinHttpGetProxyForUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetDefaultProxyConfiguration
WinHttpDetectAutoProxyConfigUrl
WinHttpCreateUrl
WinHttpCrackUrl
WinHttpConnect
WinHttpCloseHandle
WinHttpCheckPlatform
WinHttpSetOption

kernel32

CreatePipe
LCMapStringW
LCMapStringA
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
WriteFile
RtlUnwind
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
HeapCreate
HeapDestroy
GetVersion
GetCommandLineA
HeapFree
GetCurrentProcess
TerminateProcess
ExitProcess
HeapAlloc
VirtualAlloc
VirtualFree
ResetEvent
CreateDirectoryA
EnterCriticalSection
InitializeCriticalSection
FindResourceA
GetDateFormatA
GetVersionExA
WriteConsoleW
VirtualProtect
GetModuleHandleA
LoadLibraryExA
GetNativeSystemInfo
GetSystemDirectoryA
GetDriveTypeA
GetVolumeInformationA
GlobalFree
GlobalAlloc
QueryPerformanceCounter
CreateFileA
GetWindowsDirectoryA
GetSystemTime
OpenProcess

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b4d6c325e3a9c1d870d5ff7757acd7e3

Headers

File Characteristics

Imports

user32

winhttp

kernel32

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 120KB - Virtual size: 118KB

.data Size: 64KB - Virtual size: 112KB

.rsrc Size: 4KB - Virtual size: 768B

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 120KB - Virtual size: 118KB

.data
Size: 64KB - Virtual size: 112KB

.rsrc
Size: 4KB - Virtual size: 768B