fbfebbd124ffd93ccfaa2e0d1fcb7fba04a3fe737a5b46b8d09c942267d78bf1

Sharing

Copy URL

Twitter E-mail

General

Target

fbfebbd124ffd93ccfaa2e0d1fcb7fba04a3fe737a5b46b8d09c942267d78bf1
Size

277KB
MD5

80225eb7520365640fcf49a28d3c22e2
SHA1

e96b3fc77ce5ec2907372c8b031b212a60e8e407
SHA256

fbfebbd124ffd93ccfaa2e0d1fcb7fba04a3fe737a5b46b8d09c942267d78bf1
SHA512

5253b391995a9a99e62ca58455cc229fc3b153f480cb7fd5463d82780207f67c1e080c710159b6e24edabf949fb05a87307af0474b869501760cec99c29208dc
SSDEEP

6144:WQtMFE/skcyhpl/Xd6GkFtXg1yXlIr9qSUXP/wbXl:WQmIvUK1G+iHwbX

Score

N/A

Malware Config

Signatures

Files

fbfebbd124ffd93ccfaa2e0d1fcb7fba04a3fe737a5b46b8d09c942267d78bf1
.exe windows x86

982bbeb7c89d3cbf3fae46e3925b0a07

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ResolveDesktopForWOW
IsDialogMessageW
DlgDirSelectExA
LoadAcceleratorsA
RegisterDeviceNotificationA
IsZoomed
IsChild
GetMenu
GetSystemMetrics
RegisterClassExW
LoadMenuA
DrawCaptionTempW
FindWindowA
MessageBoxIndirectW
GetDC
PackDDElParam
GetSysColor
GetSysColorBrush
GetDesktopWindow
PtInRect
LoadMenuIndirectA
GetClientRect
LoadCursorA
SetMenuItemBitmaps
IsCharAlphaA
GetForegroundWindow
LoadMenuW
ChangeDisplaySettingsExW
DdeClientTransaction
GetProcessDefaultLayout
LoadIconA
DialogBoxIndirectParamW

comctl32

ImageList_DragLeave
ImageList_GetBkColor
ImageList_DrawIndirect
ImageList_GetFlags
DrawStatusTextW
ImageList_SetImageCount
UninitializeFlatSB
LBItemFromPt
ImageList_Duplicate
FlatSB_GetScrollPos
ImageList_DragMove
MenuHelp
InitCommonControlsEx
CreateStatusWindowW
ImageList_Read
ImageList_Merge
CreateStatusWindowA
ImageList_GetIcon
ImageList_Destroy
ImageList_SetFlags
FlatSB_SetScrollPos
ImageList_Draw
InitMUILanguage
ImageList_Create
ImageList_SetFilter
DllGetVersion
GetEffectiveClientRect
PropertySheet
ImageList_AddIcon
InitializeFlatSB
ImageList_Remove

kernel32

CopyFileA
GetCurrentProcessId
lstrcmpW
GetCommandLineW
GetProcAddress
lstrcpynA
lstrlenW
GetCompressedFileSizeA
GetStartupInfoW
GetVersionExW
GetCurrentProcess
AddAtomA
GetCurrentThreadId
GetConsoleTitleA
GetCommandLineA
SetEvent
QueryPerformanceCounter
VirtualAlloc
GetSystemTimeAsFileTime
GetFileAttributesA
LoadLibraryA
ResetEvent
lstrcmpA
lstrcpynW
AddAtomW
GetCurrentThread
AddConsoleAliasA
GetTickCount
CreateEventA
CloseHandle

shlwapi

PathIsDirectoryEmptyA
StrIsIntlEqualW
StrTrimA
PathFindExtensionW
PathIsSystemFolderA
StrStrIA
PathFindExtensionA
PathGetDriveNumberW
PathRemoveBlanksA
PathStripPathA
PathSkipRootA
StrStrIW
StrTrimW
UrlIsW
SHDeleteEmptyKeyW
PathStripToRootA
StrStrA
StrCSpnA
SHQueryValueExW
PathUnExpandEnvStringsW
PathStripPathW
SHRegGetPathA
PathIsNetworkPathW
PathRemoveBlanksW
PathRemoveArgsA

cryptext

CryptExtOpenP7RW
DllGetClassObject
CryptExtAddCTL
CryptExtOpenCATW
CryptExtAddP7RW
CryptExtOpenCERW
CryptExtOpenCTL
CryptExtAddSPCW
CryptExtAddCERW
CryptExtOpenPKCS7W
CryptExtAddPFX
CryptExtOpenCRL
CryptExtAddCRLW
DllCanUnloadNow

wsnmp32

SnmpSetTranslateMode
SnmpFreeContext
SnmpSendMsg
SnmpCountVbl
SnmpFreeEntity
SnmpSetRetransmitMode
SnmpRegister
SnmpDuplicateVbl
SnmpOidCompare
SnmpSetRetry
SnmpGetTimeout
SnmpGetTranslateMode
SnmpSetPort
SnmpSetTimeout
SnmpContextToStr
SnmpListen
SnmpCreateVbl
SnmpStrToEntity

gdi32

GetEnhMetaFileHeader
GdiConvertFont
GdiEntry13
FONTOBJ_pifi
CreatePalette
GetGlyphOutlineWow
EnumFontFamiliesExW
CreateSolidBrush
CreatePen
GetROP2
SetTextJustification
FloodFill
CreateBrushIndirect
PlayEnhMetaFile
CancelDC
SelectObject
DeleteObject
GetWindowExtEx
EqualRgn
GetPixelFormat
EngCreatePalette
EndDoc
GdiQueryTable
AnyLinkedFonts
CreateFontIndirectA
XLATEOBJ_hGetColorTransform

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

982bbeb7c89d3cbf3fae46e3925b0a07

Headers

DLL Characteristics

File Characteristics

Imports

user32

comctl32

kernel32

shlwapi

cryptext

wsnmp32

gdi32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 202KB - Virtual size: 201KB

.data Size: 10KB - Virtual size: 10KB

.rsrc Size: 15KB - Virtual size: 15KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 202KB - Virtual size: 201KB

.data
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 15KB - Virtual size: 15KB

.reloc
Size: 3KB - Virtual size: 3KB