bb0c71d70399d237d80f68f6ca0ab280936eef479fa5aff2ffcda017a433a41a

Sharing

Copy URL Twitter E-mail

General

Target

bb0c71d70399d237d80f68f6ca0ab280936eef479fa5aff2ffcda017a433a41a
Size

1022KB
MD5

fa83dbb4d8f0a69c8eddf21dd05b8642
SHA1

2c3da5fdbe2b459a57e6bc3f57d53b0e8ed32d39
SHA256

bb0c71d70399d237d80f68f6ca0ab280936eef479fa5aff2ffcda017a433a41a
SHA512

4c2c02e4fec1cf4f35eb8a29e9ef51fa45561978f740b72a1a9053b7cda6d783b7943af4dbc319bcbd3e4c61e453eefbccb3bd9c8988c875610dcf70c91c594a
SSDEEP

12288:TMd+dS+022QkUwjeK9B6eNrH+TfG4oH83ieq8Y:TMd+dhnDwi8reTe4oPeq

Score

N/A

Malware Config

Signatures

Files

bb0c71d70399d237d80f68f6ca0ab280936eef479fa5aff2ffcda017a433a41a
.exe windows x86

8576d4d0994336b9f0f078b079843908

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
TerminateProcess
WideCharToMultiByte
LocalFree
WriteFile
GetSystemTimeAsFileTime
GetStdHandle
GetFileType
GetCurrentProcess
GetConsoleOutputCP
GetConsoleMode
FormatMessageW
lstrlenA
GetCommandLineA
GetLastError
GetModuleHandleA
GetDriveTypeA
GetFileAttributesW
GetTickCount
GetCommandLineW
GlobalAlloc
GetVersion
GetCurrentThreadId
LoadLibraryA
GetProcessHeap
Sleep
HeapAlloc
GetFileAttributesA
LoadLibraryW
VirtualAllocEx
GetModuleHandleW
GetCurrentProcessId
GetDriveTypeW
WriteConsoleW

user32

GetSysColor
GetMenu
EnableMenuItem
GetSystemMetrics
SendMessageA
GetDC
UpdateWindow
ShowWindow
SendMessageW
LoadBitmapW
GetParent
LoadBitmapA
IsWindowVisible
DestroyWindow
IsWindow
DestroyIcon
GetKeyState
LoadIconW

gdi32

GetEnhMetaFileA
CreateCompatibleDC
GetDCPenColor
SetTextAlign
DeleteEnhMetaFile
GetBkMode
DeleteDC
CancelDC
AddFontResourceA
EndPage
AbortDoc
SaveDC
EndDoc
CreatePatternBrush
GetEnhMetaFileW
SelectObject
CloseEnhMetaFile
EndPath
DeleteMetaFile
FlattenPath
CloseMetaFile
GetLayout
AbortPath
GdiFlush
GetFontLanguageInfo

advapi32

RegQueryValueExA
RegOpenKeyA

winmm

timeGetTime

msvcrt

_XcptFilter
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
__winitenv
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_initterm
_ultow
_wcsnicmp
_wsystem
exit
free
malloc
setlocale
wcscat
wcscmp
wcscpy
wcslen

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 960KB - Virtual size: 960KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata2
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8576d4d0994336b9f0f078b079843908

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

winmm

msvcrt

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 960KB - Virtual size: 960KB

.rdata2 Size: 16KB - Virtual size: 15KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 960KB - Virtual size: 960KB

.rdata2
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 14KB - Virtual size: 13KB