fb905a983317b92d67ff4a45fef1a84de03b0c936f9aa6e66ab3636e202925b9

Sharing

Copy URL Twitter E-mail

General

Target

fb905a983317b92d67ff4a45fef1a84de03b0c936f9aa6e66ab3636e202925b9
Size

23KB
MD5

0a9007312d1c921a155d0b4c69f4fb30
SHA1

8385fabaaeae0703a8cf7795299b4092b19ec034
SHA256

fb905a983317b92d67ff4a45fef1a84de03b0c936f9aa6e66ab3636e202925b9
SHA512

fce36136d02b6889e2896a1fcab260b2e8c68acce14c83a59dd0fce95a89397e10dc1e27f8e627489bac73184ec48cb5bf25215d754043fcc3c63915149c1c6c
SSDEEP

384:bReEfC5Q4HhBXI2J1/J/hpaGmOFiFon8ahYQNVonuxP2sXxMUUDteBtS4qZ0K2:9vCThye1/J/KGmOFiFa8yTmuxP2sXxW/

Score

N/A

Malware Config

Signatures

Files

fb905a983317b92d67ff4a45fef1a84de03b0c936f9aa6e66ab3636e202925b9
.exe windows x86

aee9eeb37299211af4a6541cb685fbf4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

URLOpenBlockingStreamA
URLOpenBlockingStreamW

user32

ReleaseDC
OffsetRect
GetDC
wsprintfA
GetDesktopWindow
LoadStringA
wvsprintfA

kernel32

SetFilePointer
GetLocaleInfoW
GetCommandLineA
QueryPerformanceCounter
VirtualAlloc
InterlockedIncrement
GetCPInfo
GetVersionExA
HeapCreate
WriteFile
GetEnvironmentStrings
ExitProcess
GetUserDefaultLCID
HeapSize
Sleep
GetModuleHandleA
GetCurrentThreadId
HeapDestroy
SetStdHandle
GetCurrentProcess
OutputDebugStringA
FreeEnvironmentStringsA
HeapAlloc
GetStringTypeW
CreateFileA
GetOEMCP
lstrlenW
IsValidLocale
TerminateProcess
HeapReAlloc
GetTickCount
GetStringTypeA
TlsSetValue
LeaveCriticalSection
SetEndOfFile
GetLocaleInfoA
lstrcpyA
EnumSystemLocalesA
GetEnvironmentStringsW
GetACP
WideCharToMultiByte
GetStartupInfoA
GetLastError
LCMapStringW
MultiByteToWideChar
GetCurrentProcessId
DeleteCriticalSection
SetUnhandledExceptionFilter
EnterCriticalSection
HeapFree
GetStdHandle
LCMapStringA
ReadFile
GetFileType
FreeEnvironmentStringsW
InitializeCriticalSection
TlsGetValue
GetSystemInfo
InterlockedExchange
VirtualProtect
lstrlenA
TlsFree
VirtualQuery
GetModuleFileNameA
SetHandleCount
FlushFileBuffers
RaiseException
GetSystemTimeAsFileTime
InterlockedDecrement
TlsAlloc
GetProcAddress
GetProcessHeap
SetLastError
LoadLibraryA
IsValidCodePage
VirtualFree
CloseHandle

gdi32

SelectObject
GetDIBits
DeleteObject
CreateCompatibleDC
DeleteDC
CreateCompatibleBitmap
CreateDIBSection
GetPaletteEntries
GetObjectA

advapi32

RegQueryValueExA
RegOpenKeyExA

activeds

FreeADsMem

msvcrt

_beginthread
_beep
_chdir
exit

avifil32

AVIFileInfo

ntdll

RtlUnwind

Sections

.textbss
Size: - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 508B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

aee9eeb37299211af4a6541cb685fbf4

Headers

DLL Characteristics

File Characteristics

Imports

urlmon

user32

kernel32

gdi32

advapi32

activeds

msvcrt

avifil32

ntdll

Sections

.textbss Size: - Virtual size: 80KB

.idata Size: 21KB - Virtual size: 21KB

.text Size: 512B - Virtual size: 508B

.rsrc Size: 512B - Virtual size: 76KB

.textbss
Size: - Virtual size: 80KB

.idata
Size: 21KB - Virtual size: 21KB

.text
Size: 512B - Virtual size: 508B

.rsrc
Size: 512B - Virtual size: 76KB