0cfe220afed89bfda8991ed84f40a7c4867374d0eaf1d608428fbd9d8cadc65e

Sharing

Copy URL

Twitter E-mail

General

Target

0cfe220afed89bfda8991ed84f40a7c4867374d0eaf1d608428fbd9d8cadc65e
Size

48KB
MD5

c2cf69339c600728b364972ce3441973
SHA1

19e4ee7a751cf0f433c54327ca71dbd33d8bb9e4
SHA256

0cfe220afed89bfda8991ed84f40a7c4867374d0eaf1d608428fbd9d8cadc65e
SHA512

6a19a28255ea3bc5bc9364035a994cf0d2a1d62dcb07dba01054111dcf8eb6282a4f65ff809383ea155b38b0634cc8596db8cceae1457933df7a28a4eeb07b7c
SSDEEP

768:vBICpuGcuZW+dfpCMXY8ylLW6meDFdOriAtilfu:vBeGcYU8Q7mepYrSl2

Score

N/A

Malware Config

Signatures

Files

0cfe220afed89bfda8991ed84f40a7c4867374d0eaf1d608428fbd9d8cadc65e
.exe windows x86

9778c38b14443288951713f76f03c48a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
WriteFile
GetSystemTime
Sleep
GetCurrentThreadId
GetWindowsDirectoryA
WaitForSingleObject
ResetEvent
MultiByteToWideChar
lstrlenA
SetFilePointer
WideCharToMultiByte
lstrlenW
CreateEventA
GetModuleFileNameA
CreateThread
GetOEMCP
SetEvent
CompareStringW
CompareStringA
FlushFileBuffers
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
CloseHandle
HeapFree
SystemTimeToFileTime
SetStdHandle
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
GetACP
GetCPInfo
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetLastError
VirtualFree
SetEnvironmentVariableA
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
RtlUnwind
GetTimeZoneInformation
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess

user32

SetThreadDesktop
CreateDesktopA
CloseDesktop
FindWindowExA
SendMessageA
GetThreadDesktop

advapi32

RegCloseKey
RegOpenKeyExA

ole32

CoInitializeEx
CoCreateInstance

oleaut32

SysAllocString
VariantClear
SysFreeString
SysAllocStringLen

shlwapi

PathFileExistsA

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9778c38b14443288951713f76f03c48a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 720B

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 720B