de60ffcc785244bd5d375bc0a59bc7c6e6a8ddab177aa68f07581fb4531e682d

Sharing

Copy URL

Twitter E-mail

General

Target

de60ffcc785244bd5d375bc0a59bc7c6e6a8ddab177aa68f07581fb4531e682d
Size

302KB
MD5

358a5505b79689d29722c554048aaf14
SHA1

a34e1f65f5e0f026ef06be9a2c3adcbbf35824c7
SHA256

de60ffcc785244bd5d375bc0a59bc7c6e6a8ddab177aa68f07581fb4531e682d
SHA512

92d2d796639274522ab72a72788cedc1d84e93e3b5b6fe2c2d6f65ad41425134da7411a35bf7fdab13e185896602a44e1a2bb896435136746c071cad33be0a73
SSDEEP

6144:to4bhnDV1sUUe9W1vJfWpJ+9KyEYl3gPf9jiqwEe71P3GSe:ndDb2vxWpJUEYl38t0J

Score

N/A

Malware Config

Signatures

Files

de60ffcc785244bd5d375bc0a59bc7c6e6a8ddab177aa68f07581fb4531e682d
.exe windows x86

bba4f43b43d4b402be6c85b31e8e96bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetModuleHandleA
GetOEMCP
CompareStringA
FreeEnvironmentStringsA
GetModuleFileNameW
GetLocaleInfoW
GetACP
VirtualFree
LeaveCriticalSection
TlsSetValue
GetCurrentProcessId
SetLastError
TerminateProcess
GetStringTypeW
FreeEnvironmentStringsW
GetStdHandle
GetStartupInfoA
RtlUnwind
VirtualQuery
GetCPInfo
HeapSize
GetVersionExA
CreateRemoteThread
GetUserDefaultLCID
GetLastError
IsDebuggerPresent
GetCurrentProcess
SetEvent
GetDateFormatA
GetCommandLineA
MultiByteToWideChar
SetHandleCount
SetConsoleCtrlHandler
GetSystemTimeAsFileTime
GetProcAddress
WriteFile
GetCurrentThread
IsValidCodePage
GetStringTypeA
GetTickCount
QueryPerformanceCounter
Sleep
HeapReAlloc
GetTimeZoneInformation
InterlockedExchange
VirtualAlloc
GetModuleFileNameA
TlsAlloc
GetTimeFormatA
WideCharToMultiByte
FreeLibrary
GetStartupInfoW
EnterCriticalSection
DeleteCriticalSection
TlsGetValue
GetProcessHeap
LoadLibraryA
HeapAlloc
InterlockedDecrement
TlsFree
IsValidLocale
GetFileType
LCMapStringA
LCMapStringW
HeapFree
InterlockedIncrement
SetUnhandledExceptionFilter
EnumSystemLocalesA
GetEnvironmentStringsW
InitializeCriticalSection
SetEnvironmentVariableA
HeapCreate
HeapDestroy
UnhandledExceptionFilter
ExitProcess
GetEnvironmentStrings
GetCommandLineW
CompareStringW
GetLocaleInfoA

wininet

InternetGoOnlineA
InternetFindNextFileA

shell32

SheChangeDirExW
SHGetFileInfo
DoEnvironmentSubstW

gdi32

TranslateCharsetInfo
GetWorldTransform
ExtTextOutW
ChoosePixelFormat
SetDeviceGammaRamp
GetObjectW
DrawEscape
GetEnhMetaFileBits
GetRegionData
SetMagicColors
SetBkMode
GetCharWidthA
CreateFontW
GetCharacterPlacementW
SetLayout
GetTextExtentPoint32A
SelectPalette
EnumFontFamiliesExW
GetPaletteEntries

advapi32

CryptDuplicateKey
LookupPrivilegeNameA
RegSaveKeyW
RegSetKeySecurity
CryptDestroyKey
RegQueryInfoKeyW
CryptSetProviderExW
CryptAcquireContextA
CryptEncrypt
RegQueryMultipleValuesA
LookupSecurityDescriptorPartsA
CryptVerifySignatureW

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bba4f43b43d4b402be6c85b31e8e96bc

Headers

File Characteristics

Imports

kernel32

wininet

shell32

gdi32

advapi32

Sections

.text Size: 141KB - Virtual size: 141KB

.rdata Size: 9KB - Virtual size: 32KB

.data Size: 140KB - Virtual size: 140KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 141KB - Virtual size: 141KB

.rdata
Size: 9KB - Virtual size: 32KB

.data
Size: 140KB - Virtual size: 140KB

.rsrc
Size: 10KB - Virtual size: 10KB