ba6d692d8676b65e28b28b07a6309280ce002c0c4ddbcea85eb757b1481c27cd

Sharing

Copy URL Twitter E-mail

General

Target

ba6d692d8676b65e28b28b07a6309280ce002c0c4ddbcea85eb757b1481c27cd
Size

722KB
MD5

5597ced216fcabc9cc8c595e326f8752
SHA1

30295de2094de411ae929b376870725258b78864
SHA256

ba6d692d8676b65e28b28b07a6309280ce002c0c4ddbcea85eb757b1481c27cd
SHA512

98355d0df226682e5044fc964ff0cfcef63282e414eb1f15e7f463297bb9143832ba3d3626700b0ab75256c755b9eb048085a44f05d6424aefb94e39823787a6
SSDEEP

12288:cBbmZ57G8cdJdCdfwpdhE+5l1+QP9pv6DkarXv752UEWYmGoYq3FeCEI55BjwOYT:cBq57Ge2pw+7mr/1pqmYkFhL/syYF

Score

N/A

Malware Config

Signatures

Files

ba6d692d8676b65e28b28b07a6309280ce002c0c4ddbcea85eb757b1481c27cd
.exe windows x86

005fd681cea8d9f07a067d64036862c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteDC
DeleteObject
GetStockObject
SetTextColor
SetBkColor
SetBkMode

kernel32

GetCurrentThreadId
ExitProcess
HeapAlloc
GetProcessHeap
Sleep
VirtualFree
WriteFile
UnmapViewOfFile
TlsGetValue
CreateProcessA
SizeofResource
GetModuleHandleW
GlobalLock
GetACP
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
HeapSize
WideCharToMultiByte
LockResource
GetEnvironmentStrings
GlobalAlloc
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
GlobalFree
lstrlenA
GetSystemInfo
HeapCreate
LCMapStringW
InterlockedIncrement
CreateFileA
CreateEventA
GetTimeZoneInformation
GetProcAddress
FindFirstFileW
CreateFileMappingA
CompareStringA
CompareStringW
WaitForMultipleObjects
DeleteFileA
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
QueryPerformanceCounter
GetOEMCP
GetVersionExW
lstrcmpiA
SetHandleCount
EnterCriticalSection
LeaveCriticalSection
SetEndOfFile
GetModuleHandleA
TerminateProcess
CreateThread
MultiByteToWideChar
LoadLibraryExW
UnhandledExceptionFilter
GetModuleFileNameA
FlushFileBuffers
IsDebuggerPresent
GetModuleFileNameW
InitializeCriticalSection
SetLastError
InterlockedDecrement
LoadResource
GetEnvironmentVariableA
LocalFree
FreeLibrary
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
InterlockedExchange
GetStringTypeA
LoadLibraryW
GetCPInfo
SetErrorMode
lstrcatA
LocalAlloc
GetLocaleInfoA
GetCurrentDirectoryA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
HeapFree
HeapDestroy
SetEvent
GetFileAttributesA
GetConsoleOutputCP
GetStdHandle
GetLastError
GetTickCount
GetCommandLineA
GetCurrentProcessId
GetCurrentThread
GetVersion
VirtualQuery

user32

SetWindowLongA
GetWindowRect
GetSystemMetrics
DefWindowProcA
BeginPaint
MapWindowPoints
FillRect
CreateWindowExA
GetWindowLongA
RegisterClassA
IsWindowEnabled
EnableWindow
ShowWindow
UpdateWindow
GetClientRect
IsWindow
PostQuitMessage
TrackPopupMenu
GetCursorPos
SetDlgItemTextA
GetSysColor
InvalidateRect
SendMessageA
GetDlgItem

advapi32

RegCloseKey
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
GetTokenInformation
OpenProcessToken

Sections

.text
Size: 670KB - Virtual size: 996KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

005fd681cea8d9f07a067d64036862c3

Headers

File Characteristics

Imports

gdi32

kernel32

user32

advapi32

Sections

.text Size: 670KB - Virtual size: 996KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 26KB - Virtual size: 25KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 670KB - Virtual size: 996KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 26KB - Virtual size: 25KB

.rsrc
Size: 18KB - Virtual size: 18KB