cbab043a5f8b11eefa889b1fc4ce897c70653c6a1218f82b967a0e8aaf7365f3

General

Target

cbab043a5f8b11eefa889b1fc4ce897c70653c6a1218f82b967a0e8aaf7365f3
Size

19KB
MD5

3175b37d35f4ae982e6874e6d121c8da
SHA1

1ee5201333f589a1c0f43b3a30b99d4a0b07d5d9
SHA256

cbab043a5f8b11eefa889b1fc4ce897c70653c6a1218f82b967a0e8aaf7365f3
SHA512

bb5740b03edcb09c3cf030b9530d9bbd7a7927a033343038727a046e69edcf31e8215f06b4fe5c94672843bbcfd4d70a57fac61cd869d0085a693d1ed753938a
SSDEEP

384:gFFioXQgoyg59QNMR2vwOx9cDZj2HHyQeA0f5IqZZb7y0abJ:gFJAgoWPvwOx9CjSHybfbuB

Score

N/A

Malware Config

Signatures

Files

cbab043a5f8b11eefa889b1fc4ce897c70653c6a1218f82b967a0e8aaf7365f3
.exe windows x86

0b31eba22cb9991710ad6877a997b03c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrIA
StrCmpIW

iphlpapi

GetAdaptersInfo

gdiplus

GdiplusStartup
GdiplusShutdown
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipDisposeImage

kernel32

ExitProcess
GetEnvironmentVariableA
GetShortPathNameA
GetFullPathNameA
GetTickCount
Sleep
ResetEvent
WaitForSingleObject
CreateEventA
CopyFileA
DeleteFileA
lstrcatA
lstrlenA
CloseHandle
VirtualFreeEx
VirtualAlloc
GetProcAddress
GetModuleHandleA
GetLastError
MultiByteToWideChar
FindNextFileA
FindFirstFileA
GetModuleFileNameA
GetSystemDirectoryA
GetCurrentProcessId
VirtualFree
WriteFile
CreateFileA
ReadFile
GetFileSize
CreateDirectoryA
GetFileAttributesA
Module32Next
Module32First
GetVersionExA

user32

wsprintfA
ReleaseDC
GetSystemMetrics
GetDC
IsCharAlphaNumericA

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteObject

advapi32

GetUserNameA

shell32

SHGetSpecialFolderPathA

ole32

CoInitialize
CoCreateInstance

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0b31eba22cb9991710ad6877a997b03c

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

iphlpapi

gdiplus

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 318KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 318KB