7f48fb633e219decceb56e7005291dcdfceec76a0e8b583bb201bf8daa7da802

Sharing

Copy URL Twitter E-mail

General

Target

7f48fb633e219decceb56e7005291dcdfceec76a0e8b583bb201bf8daa7da802
Size

58KB
MD5

5c4421265ecd76e19e485b5b10cf9089
SHA1

023e6776b5dff2585acde7409222c57af97e4607
SHA256

7f48fb633e219decceb56e7005291dcdfceec76a0e8b583bb201bf8daa7da802
SHA512

52ad8d272ad54238936a0de1f53caea4ccd21ef05d9d4ee18b808eb6eb1f446aa85eed9cf861115e5b66be1c51d4ffdc101e889eeabf0a2f15435edb931c4c87
SSDEEP

1536:87IOHmJp5ttrAACu5IoZSAzcwf3MveTdXMLk:8HORrx5IoZSAzcwf3MvwdXM

Score

N/A

Malware Config

Signatures

Files

7f48fb633e219decceb56e7005291dcdfceec76a0e8b583bb201bf8daa7da802
.exe windows x86

39ca950ca9c0bbcb0132469af66eeef2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
DeregisterEventSource
GetTokenInformation
IsWellKnownSid
OpenProcessToken
RegisterEventSourceA
ReportEventA

setupapi

SetupRenameErrorA
SetupUninstallOEMInfA

kernel32

CloseHandle
CompareStringA
CompareStringW
CreateEventA
CreateMutexA
CreatePipe
DefineDosDeviceA
DeleteCriticalSection
DeleteVolumeMountPointA
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstVolumeA
FindFirstVolumeW
FindNextVolumeA
FindNextVolumeW
FindVolumeClose
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceA
GetEnvironmentStringsA
GetEnvironmentStringsW
GetExitCodeProcess
GetFileInformationByHandle
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetLogicalDrives
GetOEMCP
GetProcessHeap
GetProcessTimes
GetProcessWorkingSetSize
GetShortPathNameA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDirectoryA
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetThreadTimes
GetTimeZoneInformation
GetUserDefaultLCID
GetVolumeInformationA
GetVolumeInformationW
GetVolumeNameForVolumeMountPointA
GetVolumePathNameA
GetWindowsDirectoryA
GlobalMemoryStatus
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LocalFree
MoveFileA
MultiByteToWideChar
OpenMutexA
PeekNamedPipe
QueryDosDeviceA
QueryDosDeviceW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReleaseMutex
ResetEvent
ResumeThread
RtlUnwind
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFilePointer
SetFilePointerEx
SetFileTime
SetHandleCount
SetHandleInformation
SetLastError
SetProcessShutdownParameters
SetStdHandle
SetUnhandledExceptionFilter
SetVolumeMountPointA
SizeofResource
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualFree
VirtualQuery
VirtualUnlock
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
lstrlenW

user32

OpenInputDesktop
OpenWindowStationA

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
CreatePen
DeleteDC
DeleteObject
GetCurrentObject
GetDeviceCaps
GetObjectA
GetStockObject
GetTextExtentPoint32W
GetTextMetricsA
LineTo
MoveToEx
SelectObject
SetMapMode
SetStretchBltMode
StretchBlt

shell32

CommandLineToArgvW
DragAcceptFiles
DragFinish
DragQueryFileA
SHBrowseForFolderW
SHChangeNotify
SHGetFileInfoA
SHGetFolderPathA
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderPathA
Shell_NotifyIconA
Shell_NotifyIconW

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 255B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39ca950ca9c0bbcb0132469af66eeef2

Headers

File Characteristics

Imports

advapi32

setupapi

kernel32

user32

gdi32

shell32

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 255B

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 255B

.rsrc
Size: 19KB - Virtual size: 18KB