bbc9df439f7588dfb0a33a280733346060c55afa0bc2a1cad9b7b8b7026e05eb

Sharing

Copy URL Twitter E-mail

General

Target

bbc9df439f7588dfb0a33a280733346060c55afa0bc2a1cad9b7b8b7026e05eb
Size

362KB
MD5

761b3ae7febc97bca9dc1911938fbd7e
SHA1

0989879ea86b6e6ae9ae5b323dc0d40eefa1c0ed
SHA256

bbc9df439f7588dfb0a33a280733346060c55afa0bc2a1cad9b7b8b7026e05eb
SHA512

c65312757583d89b7df74dd35caaa8b460ce53641f50b78a873e76cb57e44496acacb97ab6e5ea1d1803391387f59caecd386ddf68b3bae3212760b5428d08f1
SSDEEP

6144:O/7Osfe2ZTBrL/H/AudIxxLoc52HiV+69haw5qjY/gIads0khlOfDQo:O/al2ZTBP/AudI7kc52CV+D7uadsoLQo

Score

N/A

Malware Config

Signatures

Files

bbc9df439f7588dfb0a33a280733346060c55afa0bc2a1cad9b7b8b7026e05eb
.exe windows x86

882a5497d53d7537a03eec32fd473132

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathRemoveFileSpecW
PathFindExtensionW
PathIsFileSpecW
PathFindFileNameW

psapi

EnumProcessModules
GetModuleFileNameExW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

kernel32

InterlockedExchange
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLastError
GetModuleFileNameW
ExpandEnvironmentStringsW
InitializeCriticalSection
GetCurrentProcessId
MultiByteToWideChar
DeleteCriticalSection
GetTickCount
CreateFileW
Sleep
SetFilePointer
WriteFile
CloseHandle
OutputDebugStringW
GetCurrentThreadId
QueryPerformanceCounter
OpenProcess
GetFileAttributesExW
GetCommandLineW
GetTempFileNameW
GetLongPathNameW
SearchPathW
FormatMessageW
LocalFree
EnterCriticalSection
LeaveCriticalSection
CreateMutexW
WaitForSingleObject
CreateFileMappingW
MapViewOfFile
ReleaseMutex
UnmapViewOfFile
SetLastError
LoadLibraryW
GetProcAddress
FreeLibrary
QueryPerformanceFrequency
SetEvent
CreateEventW
GetExitCodeThread
CreateSemaphoreW
ReleaseSemaphore
GetVersionExW
CreateProcessW
GetTempPathW
GetDiskFreeSpaceExW
CreateThread
GetExitCodeProcess
GetCurrentProcess
TerminateThread
OpenEventW
ResetEvent
GetLocalTime
GetSystemTime
GetFileAttributesW
OpenMutexW
CreateDirectoryW
GetFileSizeEx
PeekNamedPipe
GetEnvironmentVariableW
TryEnterCriticalSection
WaitForMultipleObjects
CreatePipe
GetStartupInfoW
GlobalMemoryStatusEx
OpenFileMappingW
FlushViewOfFile
GetSystemDefaultLCID
GetUserDefaultLCID
GetLocaleInfoW
FindFirstFileW
FindNextFileW
FindClose
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
InterlockedCompareExchange
GetModuleHandleA
HeapFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
ExitThread
RaiseException
RtlUnwind
LCMapStringA
LCMapStringW
GetCPInfo
GetStringTypeW
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapSize
ExitProcess
HeapAlloc
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetTimeZoneInformation
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
LoadLibraryA
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA

user32

WaitForInputIdle
MsgWaitForMultipleObjectsEx
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects

advapi32

CheckTokenMembership
RegQueryValueExW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegEnumKeyExW

shell32

SHGetFolderPathW
CommandLineToArgvW

ole32

CoCreateGuid
CoUninitialize
CoInitialize
CLSIDFromString
CoCreateInstance
CoInitializeEx

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.grdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

882a5497d53d7537a03eec32fd473132

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

psapi

version

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 153KB - Virtual size: 153KB

.rdata Size: 38KB - Virtual size: 38KB

.data Size: 7KB - Virtual size: 17KB

.rsrc Size: 74KB - Virtual size: 74KB

.reloc Size: 14KB - Virtual size: 14KB

.grdata Size: 68KB - Virtual size: 68KB

.text
Size: 153KB - Virtual size: 153KB

.rdata
Size: 38KB - Virtual size: 38KB

.data
Size: 7KB - Virtual size: 17KB

.rsrc
Size: 74KB - Virtual size: 74KB

.reloc
Size: 14KB - Virtual size: 14KB

.grdata
Size: 68KB - Virtual size: 68KB