a079bf0ac9e715a72183e75242ff44a2f443cdd7bc73cf8b8f8cf5b5ce38d1bd

Sharing

Copy URL Twitter E-mail

General

Target

a079bf0ac9e715a72183e75242ff44a2f443cdd7bc73cf8b8f8cf5b5ce38d1bd
Size

722KB
MD5

dd221483436758e76aa8e7de33dcec9f
SHA1

a7d9d8a75027822de6ee270830cf68b2c3755da1
SHA256

a079bf0ac9e715a72183e75242ff44a2f443cdd7bc73cf8b8f8cf5b5ce38d1bd
SHA512

396f58e7f8870fae18929ab966f23298ff874dc22679de51ca2ba5302d42005151034567225ecbe797d2ec280a370fbd54d896135465b128f59def8a283af52f
SSDEEP

12288:cBbmZ57G8cdJdCdfwpdhE+5l1+QP9pv6DkarXv752UEWYmGoYq3FeCEI55BjwOYu:cBq57Ge2pw+7mr/1pqmYkFhL/syYY

Score

N/A

Malware Config

Signatures

Files

a079bf0ac9e715a72183e75242ff44a2f443cdd7bc73cf8b8f8cf5b5ce38d1bd
.exe windows x86

005fd681cea8d9f07a067d64036862c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteDC
DeleteObject
GetStockObject
SetTextColor
SetBkColor
SetBkMode

kernel32

GetCurrentThreadId
ExitProcess
HeapAlloc
GetProcessHeap
Sleep
VirtualFree
WriteFile
UnmapViewOfFile
TlsGetValue
CreateProcessA
SizeofResource
GetModuleHandleW
GlobalLock
GetACP
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
HeapSize
WideCharToMultiByte
LockResource
GetEnvironmentStrings
GlobalAlloc
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
GlobalFree
lstrlenA
GetSystemInfo
HeapCreate
LCMapStringW
InterlockedIncrement
CreateFileA
CreateEventA
GetTimeZoneInformation
GetProcAddress
FindFirstFileW
CreateFileMappingA
CompareStringA
CompareStringW
WaitForMultipleObjects
DeleteFileA
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
QueryPerformanceCounter
GetOEMCP
GetVersionExW
lstrcmpiA
SetHandleCount
EnterCriticalSection
LeaveCriticalSection
SetEndOfFile
GetModuleHandleA
TerminateProcess
CreateThread
MultiByteToWideChar
LoadLibraryExW
UnhandledExceptionFilter
GetModuleFileNameA
FlushFileBuffers
IsDebuggerPresent
GetModuleFileNameW
InitializeCriticalSection
SetLastError
InterlockedDecrement
LoadResource
GetEnvironmentVariableA
LocalFree
FreeLibrary
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
InterlockedExchange
GetStringTypeA
LoadLibraryW
GetCPInfo
SetErrorMode
lstrcatA
LocalAlloc
GetLocaleInfoA
GetCurrentDirectoryA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
HeapFree
HeapDestroy
SetEvent
GetFileAttributesA
GetConsoleOutputCP
GetStdHandle
GetLastError
GetTickCount
GetCommandLineA
GetCurrentProcessId
GetCurrentThread
GetVersion
VirtualQuery

user32

SetWindowLongA
GetWindowRect
GetSystemMetrics
DefWindowProcA
BeginPaint
MapWindowPoints
FillRect
CreateWindowExA
GetWindowLongA
RegisterClassA
IsWindowEnabled
EnableWindow
ShowWindow
UpdateWindow
GetClientRect
IsWindow
PostQuitMessage
TrackPopupMenu
GetCursorPos
SetDlgItemTextA
GetSysColor
InvalidateRect
SendMessageA
GetDlgItem

advapi32

RegCloseKey
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
GetTokenInformation
OpenProcessToken

Sections

.text
Size: 670KB - Virtual size: 996KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

005fd681cea8d9f07a067d64036862c3

Headers

File Characteristics

Imports

gdi32

kernel32

user32

advapi32

Sections

.text Size: 670KB - Virtual size: 996KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 26KB - Virtual size: 25KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 670KB - Virtual size: 996KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 26KB - Virtual size: 25KB

.rsrc
Size: 18KB - Virtual size: 18KB