8ba95c455fcc0cfad576fcf34d4a1a4ffaac1eb1a76f729cd7bc74880259bcd2

Sharing

Copy URL Twitter E-mail

General

Target

8ba95c455fcc0cfad576fcf34d4a1a4ffaac1eb1a76f729cd7bc74880259bcd2
Size

24KB
MD5

511964c3e51df4503aac0340a0360d6f
SHA1

cd37de7b99b4a2336486e31569f953b5ed755038
SHA256

8ba95c455fcc0cfad576fcf34d4a1a4ffaac1eb1a76f729cd7bc74880259bcd2
SHA512

9e284cd79b5a47999cd02ada0f1b91f6efc7c76e0e2bc8feba968ec1e196a4778a866d7ae4f22a4b53f518470ab82b301cd9b1d8318dfb3df881665ed71fa490
SSDEEP

384:uFm2elfzaJxXOmFpikgs9XMV+ekM0tmRHb1yBbt0iltg55QGBnZo:IdIWxd7f9MQBtGHi0iltg55JBn

Score

N/A

Malware Config

Signatures

Files

8ba95c455fcc0cfad576fcf34d4a1a4ffaac1eb1a76f729cd7bc74880259bcd2
.exe windows x86

97c13200ffed524bb0f9ec6098cab889

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
ExpandEnvironmentStringsW
LockResource
GetProfileStringW
MultiByteToWideChar
lstrlenW
Sleep
SetFileTime
WriteFile
HeapFree
GetShortPathNameW
GetFullPathNameW
GetFileTime
CreateFileW
LoadLibraryExW
MapViewOfFileEx
AttachConsole
SetLastError
lstrcmpiW
SizeofResource
GetSystemInfo
LocalAlloc
TerminateProcess
lstrcmpW
GetProcessHeap
CopyFileW
GetVolumeInformationW
FormatMessageW
GetTempPathW
GetProcAddress
LoadResource
GetTempFileNameW
lstrlenA
FindResourceW
GetCurrentThreadId
GetPrivateProfileIntW
GetCurrentProcess
GetTickCount
GetFileAttributesW
GetVersionExW
CompareStringW
GetUserDefaultUILanguage
DeleteFileW
HeapAlloc
WritePrivateProfileStringW
GetDiskFreeSpaceW
FindClose
LocalReAlloc
SearchPathW
WideCharToMultiByte
FreeLibrary
QueryPerformanceCounter
GetWindowsDirectoryW
WritePrivateProfileSectionW
UnmapViewOfFile
InterlockedCompareExchange
MoveFileW
SetFilePointer
DisableThreadLibraryCalls
FindFirstFileW
lstrcmpiA
MulDiv
VirtualAlloc
FindNextFileW
ReadFile
GetEnvironmentVariableW
GetLocalTime
SetFileAttributesW
GetCurrentProcessId
CloseHandle
RtlUnwind
EnumResourceLanguagesW
GetPrivateProfileStringW
GetLastError
GetLocaleInfoW
GetDriveTypeW
GetSystemTimeAsFileTime
LocalFree
MapViewOfFile
UnhandledExceptionFilter
InterlockedExchange
LoadLibraryW
CreateDirectoryW
GetSystemDefaultUILanguage
FindResourceExW
CreateProcessW
MoveFileExW
SetUnhandledExceptionFilter
CreateFileMappingW
GetPrivateProfileSectionW
GetSystemDirectoryW

usp10

ScriptGetProperties

msvcrt

_XcptFilter
wcsncmp
_amsg_exit
_vsnwprintf
_wtoi
_wtol
_vsnprintf
_ultow
_initterm
memmove
_adjust_fdiv
bsearch
_wcsnicmp
memcpy
longjmp
malloc
memset
_setjmp3
free
_wcsicmp

user32

CreateDialogParamW
PeekMessageW
GetDlgItem
GetDlgItemTextW
SetWindowPos
CharNextA
CharPrevW
ReleaseDC
EnableWindow
DestroyWindow
SetWindowTextW
EndDialog
MessageBeep
ShowWindow
GetSystemMetrics
GetDesktopWindow
OemToCharA
GetDC
DispatchMessageW
UpdateWindow
ExitWindowsEx
SetDlgItemTextW
IsWindow
MessageBoxW
SendDlgItemMessageW
SendMessageW
MsgWaitForMultipleObjects
GetWindowRect
LoadStringW
CharUpperW
DialogBoxParamW
CharNextW

setupapi

SetupCloseFileQueue
SetupFindFirstLineW
SetupOpenAppendInfFileW
SetupQueueCopyW
SetupCloseInfFile
SetupSetDirectoryIdW
SetupOpenInfFileW
SetupCommitFileQueueW
SetupGetLineTextW
SetupOpenFileQueue
SetupInstallFromInfSectionW
SetupDefaultQueueCallbackW
SetupGetStringFieldW
SetupTermDefaultQueueCallback
SetupInitDefaultQueueCallbackEx
SetupFindNextLine

advapi32

RegCloseKey
RegDeleteValueW
RegEnumValueW
RegQueryValueExA
RegEnumKeyW
RegOpenKeyExA
RegOpenKeyExW
RegSetValueW
RegCreateKeyExW
RegQueryInfoKeyW
RegLoadKeyW
GetTokenInformation
EqualSid
RegSaveKeyW
LookupPrivilegeValueW
RegQueryValueExW
RegFlushKey
RegDeleteKeyW
FreeSid
AdjustTokenPrivileges
AllocateAndInitializeSid
OpenProcessToken
RegSetValueExW
RegUnLoadKeyW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

gdi32

DeleteObject
GetDeviceCaps
CreateFontIndirectW
GetStockObject
GetObjectW

ole32

CoTaskMemFree
OleUninitialize
OleInitialize

crypt32

CryptFormatObject

shlwapi

PathRemoveFileSpecW
PathCombineW
PathFileExistsW
PathAppendW
StrRChrW
PathBuildRootW
StrStrIW
PathAddBackslashW
StrChrW

Sections

.text
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97c13200ffed524bb0f9ec6098cab889

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

usp10

msvcrt

user32

setupapi

advapi32

version

gdi32

ole32

crypt32

shlwapi

Sections

.text Size: 512B - Virtual size: 428B

.rsrc Size: 12KB - Virtual size: 11KB

.idata Size: 6KB - Virtual size: 5KB

.data Size: - Virtual size: 80KB

.rdata Size: 5KB - Virtual size: 4KB

.text
Size: 512B - Virtual size: 428B

.rsrc
Size: 12KB - Virtual size: 11KB

.idata
Size: 6KB - Virtual size: 5KB

.data
Size: - Virtual size: 80KB

.rdata
Size: 5KB - Virtual size: 4KB