0b3c449fee8fd7e3e08f9ad37fcdb0efd6f4d918321c2ed3e539c2524e87349e

Sharing

Copy URL Twitter E-mail

General

Target

0b3c449fee8fd7e3e08f9ad37fcdb0efd6f4d918321c2ed3e539c2524e87349e
Size

553KB
MD5

a10bfa8e656a655388026bf778e7bb48
SHA1

cacc933d4f7a2b0d2fe132199585d6276349f6dd
SHA256

0b3c449fee8fd7e3e08f9ad37fcdb0efd6f4d918321c2ed3e539c2524e87349e
SHA512

fe5aa7bd53e35184887ba92462da9f9b3d95c7b6083e4cae2d9c6ac0dadec0de8c1c8da0df1a7f5f48f3e954d94859f1cdb1b164b163cf4a6b1de1773421d68f
SSDEEP

12288:06I0/eGUywQzkZ31Eb3iumQBrUMgNN5OI:06I93QYt1ECQBFKvO

Score

N/A

Malware Config

Signatures

Files

0b3c449fee8fd7e3e08f9ad37fcdb0efd6f4d918321c2ed3e539c2524e87349e
.exe windows x86

89b738756539fb02083cf3d9e3d7de86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

TlsSetValue
ReadConsoleOutputW
GetCurrentProcessId
HeapDestroy
HeapFree
GetLocaleInfoA
GetVersionExA
GetCommandLineW
GetUserDefaultLCID
VirtualFree
TlsFree
GetStdHandle
WideCharToMultiByte
HeapReAlloc
GetProcAddress
FlushFileBuffers
GetFileType
UnhandledExceptionFilter
GetModuleHandleA
GetDateFormatA
SetFilePointer
InitializeCriticalSection
GetProcessHeap
EnumResourceTypesW
GetStringTypeA
FreeEnvironmentStringsW
GetTimeZoneInformation
VirtualAlloc
IsValidLocale
SetHandleCount
TlsAlloc
IsBadWritePtr
VirtualQuery
CloseHandle
GetModuleFileNameA
WriteFile
CreateMutexA
ExitProcess
GetStartupInfoA
GetCurrentThreadId
IsValidCodePage
InterlockedExchange
SetLastError
ReadFile
HeapCreate
EnterCriticalSection
MultiByteToWideChar
SetEnvironmentVariableA
GetEnvironmentStringsW
GetACP
GetCurrentThread
GetCPInfo
GetModuleFileNameW
CompareStringW
OpenMutexA
DeleteCriticalSection
CompareStringA
GetStartupInfoW
LoadLibraryA
GetStringTypeW
WritePrivateProfileStringA
GetSystemTimeAsFileTime
WriteProfileSectionW
GetSystemInfo
SetStdHandle
EnumSystemLocalesA
LCMapStringA
TlsGetValue
GetTickCount
GetOEMCP
HeapAlloc
GetTimeFormatA
TerminateProcess
GetLocaleInfoW
QueryPerformanceCounter
LCMapStringW
FreeEnvironmentStringsA
HeapSize
GetCommandLineA
GetCurrentProcess
GetLastError
GetEnvironmentStrings
LeaveCriticalSection
RtlUnwind
VirtualProtect

advapi32

InitializeSecurityDescriptor
RegReplaceKeyA
CryptDecrypt
RegSetKeySecurity
CryptGetHashParam
CryptGenRandom
RegSetValueExA
RegQueryInfoKeyW
CryptSignHashW

user32

IsDialogMessageA
PeekMessageW
ToAscii
UnpackDDElParam
CascadeChildWindows
RegisterClassW
GetKBCodePage
GetMenuItemID
DlgDirSelectExW
GetWindowTextLengthA
SendIMEMessageExA
GetWindowThreadProcessId
GetMessagePos
RegisterClassExA
RegisterDeviceNotificationW
GetDlgCtrlID
GetWindow
UnregisterClassW
WINNLSEnableIME
TileWindows
DefDlgProcA
LoadCursorFromFileA
GetKeyboardLayoutNameW
RegisterClassA
EndTask
EnumDisplaySettingsW
ChangeMenuA

Sections

.text
Size: 222KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89b738756539fb02083cf3d9e3d7de86

Headers

File Characteristics

Imports

comctl32

kernel32

advapi32

user32

Sections

.text Size: 222KB - Virtual size: 222KB

.rdata Size: 8KB - Virtual size: 23KB

.data Size: 314KB - Virtual size: 314KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 222KB - Virtual size: 222KB

.rdata
Size: 8KB - Virtual size: 23KB

.data
Size: 314KB - Virtual size: 314KB

.rsrc
Size: 6KB - Virtual size: 6KB