ab1ba38c3c05457284f51d674b56bee0ef15b102df91f237363b3696ddcf113f

Sharing

Copy URL Twitter E-mail

General

Target

ab1ba38c3c05457284f51d674b56bee0ef15b102df91f237363b3696ddcf113f
Size

24KB
MD5

4b891c02150991000a2c6346f3f3fc34
SHA1

c960bd40f9d56b223582feb3fa70680a7fd712bb
SHA256

ab1ba38c3c05457284f51d674b56bee0ef15b102df91f237363b3696ddcf113f
SHA512

e3779fa5362906dcb044092d69c7de8ce0e36a16bccb42a1ab756626ec53e137e62ce1ab23ebd5f592461e7aa2dce4b8d11a8d3c05deb07c537889ad5593e5e7
SSDEEP

384:516dGhvB8sbKz1s4efKpbqUTYm3qQb7rlZ3SjXoIQ3MMAq6J7YfaqKgAk+fnTo:76whp8JmjK3TY0bD3SboIgn1KXfPTo

Score

N/A

Malware Config

Signatures

Files

ab1ba38c3c05457284f51d674b56bee0ef15b102df91f237363b3696ddcf113f
.exe windows x86

22acc1d02747d1d076fa276852af536d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

iswlower
__setusermatherr
_XcptFilter
_exit
_amsg_exit
memcpy
_adjust_fdiv
_chkesp
_except_handler3
_scalb
_mbsspnp
__set_app_type
tanh
__p__commode
exit
__p__fmode
strspn
_cwait
_fsopen
_acmdln
__getmainargs
_getdrive
_getws
_wchdir
_initterm
_controlfp

gdi32

CreatePen
CreateCompatibleDC
CreateFontIndirectA

kernel32

GetDateFormatA
LoadLibraryW
GetFileTime
LockResource
HeapCreate
DeviceIoControl
VirtualFree
GetComputerNameW
HeapAlloc
PulseEvent
GlobalUnlock
SizeofResource
CreateEventA
TerminateThread
GetConsoleOutputCP
GetLastError
GetFileAttributesA
OpenProcess
FlushFileBuffers
GetProcessAffinityMask
ExitThread
GetFileType
IsValidCodePage
GetStartupInfoA
LCMapStringW
WideCharToMultiByte
RaiseException
WriteFile
GetConsoleCP
GetCommandLineW
CloseHandle
DeleteFileA
GetDriveTypeA
GetModuleHandleA
SetPriorityClass
WaitForMultipleObjects
GlobalAddAtomA
GetSystemTimeAsFileTime
CreateFileA
Module32First
GlobalLock
GetSystemInfo
SetFilePointer
TerminateProcess
SetProcessWorkingSetSize
FindClose
GlobalAlloc
VirtualProtect
InitializeCriticalSection

user32

RemoveMenu
CharNextExA
CallNextHookEx
GetWindow
GetMessageA
CharNextA
ChangeDisplaySettingsA
CharPrevA
CharLowerA
ChangeClipboardChain
GetWindowTextA
CascadeWindows
CallMsgFilterA
CharLowerBuffA
CharPrevExA

advapi32

GetSecurityDescriptorSacl

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

22acc1d02747d1d076fa276852af536d

Headers

File Characteristics

Imports

msvcrt

gdi32

kernel32

user32

advapi32

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 8KB

.rsrc Size: 3KB - Virtual size: 31KB

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 8KB

.rsrc
Size: 3KB - Virtual size: 31KB