b7cd56a90803ce8cb3cf0f9009c0fc075e2433cf4cc2825c02a05c63170ce7c4

Sharing

Copy URL

Twitter E-mail

General

Target

b7cd56a90803ce8cb3cf0f9009c0fc075e2433cf4cc2825c02a05c63170ce7c4
Size

830KB
MD5

dc8bf157e27058e5a011a56ed7f4df53
SHA1

a608361c5a2b4be1f50e2f58ff65cfbd7647484a
SHA256

b7cd56a90803ce8cb3cf0f9009c0fc075e2433cf4cc2825c02a05c63170ce7c4
SHA512

7fa8065e6c9dd7d8b13033f9647510c04d9f92fc1aa150849c837245aa9028f98bbcb564cd962d5695445443693a14b1e5cd9df0a6f60e97234d5975383016c1
SSDEEP

12288:Gnv6gTE9jNoWPTx5+2qIf1NwINJF4sqf//VzWH4b87aXXByZiBiCbrd4lm4y0CvC:Gn/UvVwyLefFaoXRyYIw4l2K

Score

N/A

Malware Config

Signatures

Files

b7cd56a90803ce8cb3cf0f9009c0fc075e2433cf4cc2825c02a05c63170ce7c4
.exe windows x86

1f1d930abe1a56568e814bd882aabbd9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

linkinfo

ResolveLinkInfo
ResolveLinkInfoA
GetLinkInfoData
DestroyLinkInfo
GetCanonicalPathInfo
GetCanonicalPathInfoW
IsValidLinkInfo
CreateLinkInfoW
CompareLinkInfoReferents
CompareLinkInfoVolumes
GetCanonicalPathInfoA
DisconnectLinkInfo

msvcrt

_setjmp3
_wspawnve
_strnicoll
div
_get_osfhandle
vswprintf
_sys_nerr
_wfindnext
_wtol
_getdrive
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?what@exception@@UBEPBDXZ
_wutime
__getmainargs
?terminate@@YAXXZ
_getsystime
_rotl
__set_app_type
__p__commode
longjmp
_strnicmp
_mbsspn
__p___argc
_adj_fdivr_m64
_wfullpath
_ismbstrail
_cprintf
vsprintf
_wcsncoll
exit
_set_sbh_threshold
_mbsstr
_ecvt

user32

GetWindowModuleFileName
OpenDesktopA
SetWindowPlacement
IsCharAlphaNumericW
GetWindowThreadProcessId
GetDesktopWindow
CascadeWindows
UserRegisterWowHandlers
RegisterUserApiHook
DdeInitializeA
IMPGetIMEA
IsDialogMessageA
SetDlgItemTextA
SendMessageA
DefMDIChildProcW
SetWindowWord
SetMenuContextHelpId
EnumWindowStationsA
RegisterSystemThread
SetMessageQueue
CreateAcceleratorTableW

kernel32

EndUpdateResourceW
LoadLibraryW
MultiByteToWideChar
SetThreadIdealProcessor
GetModuleHandleW
GetLocaleInfoW
SetSystemTimeAdjustment
GetCurrentThread
GetConsoleInputExeNameW
GetCurrentProcess
PrivCopyFileExW
QueryPerformanceCounter
RtlUnwind

olecli32

ErrQueryOutOfDate
OleQueryProtocol
SetNextNetDrive
DibEnumFormat
OleEnumObjects
OleReconnect
GetTaskVisibleWindow
LeSetUpdateOptions
OleQueryReleaseMethod
PbCopyToClipboard
GenEnumFormat
LeCreateInvisible
OleSavedClientDoc
DibDraw
OleSetLinkUpdateOptions
LeObjectConvert
BmQueryBounds
LeRelease
ErrCopyFromLink

Sections

.text
Size: 382KB - Virtual size: 382KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f1d930abe1a56568e814bd882aabbd9

Headers

DLL Characteristics

File Characteristics

Imports

linkinfo

msvcrt

user32

kernel32

olecli32

Sections

.text Size: 382KB - Virtual size: 382KB

.rdata Size: 113KB - Virtual size: 113KB

.data Size: 157KB - Virtual size: 1.6MB

.rsrc Size: 174KB - Virtual size: 174KB

.reloc Size: 1024B - Virtual size: 844B

.text
Size: 382KB - Virtual size: 382KB

.rdata
Size: 113KB - Virtual size: 113KB

.data
Size: 157KB - Virtual size: 1.6MB

.rsrc
Size: 174KB - Virtual size: 174KB

.reloc
Size: 1024B - Virtual size: 844B