ba0a8ff928c5f2e1a4b7fa45ea0e3855f9cae3583fc834c9ea9070df37dab90c

Sharing

Copy URL

Twitter E-mail

General

Target

ba0a8ff928c5f2e1a4b7fa45ea0e3855f9cae3583fc834c9ea9070df37dab90c
Size

67KB
MD5

d3c258243be279533c3c4294220bf46e
SHA1

eba2647154f1d29f176c989d7c0c389f29b28e26
SHA256

ba0a8ff928c5f2e1a4b7fa45ea0e3855f9cae3583fc834c9ea9070df37dab90c
SHA512

9f57d4293eb603ebd5d977b4cbe9db0d6841fa6b08d14f454aada82c74d82eeeb3ac02d85534d5f4e176de9d79965a9a2e0c72ee0116da81dc3f91ecefe35796
SSDEEP

1536:Xe0fZDVHZ+DP7JkIcDSfmsZt6GK6yxEJ2IInv:u0fDsr7Jr4SfbInxEJ2Ig

Score

N/A

Malware Config

Signatures

Files

ba0a8ff928c5f2e1a4b7fa45ea0e3855f9cae3583fc834c9ea9070df37dab90c
.dll windows x86

8ff1cdb8c4f1ccd2a56f66de055f20b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
EnumResourceNamesA
ExitProcess
GetACP
GetCommandLineA
GetFileSize
GetLastError
GetLocalTime
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
ReadFile
RtlUnwind
SetLastError
lstrcmpA

user32

CreateCursor
LoadCursorA
LoadCursorFromFileA
OemToCharA
SetMenuInfo
ShowWindow
DrawTextA
EqualRect

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueA

ole32

OleInitialize
OleUninitialize
GetConvertStg
CreateILockBytesOnHGlobal
RegisterDragDrop
WriteFmtUserTypeStg
OleGetClipboard
OleIsCurrentClipboard
CoCreateInstance
CoDisconnectObject
CoGetClassObject
CoGetMalloc
CoInitialize
CoLockObjectExternal
CoUninitialize
CreateDataAdviseHolder
CreateFileMoniker

wininet

InternetCrackUrlA
InternetConnectA
InternetGetLastResponseInfoA
InternetOpenA
InternetQueryDataAvailable
InternetReadFile
InternetSetFilePointer
InternetSetOptionExA
InternetSetStatusCallbackA
InternetWriteFile
InternetCloseHandle
InternetCanonicalizeUrlA
HttpSendRequestA
HttpQueryInfoA
HttpOpenRequestA
HttpAddRequestHeadersA
InternetGetCookieA

shell32

SHGetFileInfoA
SHGetMalloc
SHGetPathFromIDListA
ShellExecuteExA
ShellExecuteExW
SHGetDesktopFolder

wintrust

CryptCATClose
WinVerifyTrust
CryptCATCDFOpen

Sections

.text
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ff1cdb8c4f1ccd2a56f66de055f20b1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

wininet

shell32

wintrust

Sections

.text Size: 46KB - Virtual size: 48KB

.rdata Size: 11KB - Virtual size: 12KB

.data Size: 1KB - Virtual size: 136KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 8KB

.text
Size: 46KB - Virtual size: 48KB

.rdata
Size: 11KB - Virtual size: 12KB

.data
Size: 1KB - Virtual size: 136KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 8KB