d0bfcac2ccda5f479ff8256830c964decc36b170aa7dbfa3b528745ae60d4206

General

Target

d0bfcac2ccda5f479ff8256830c964decc36b170aa7dbfa3b528745ae60d4206
Size

790KB
MD5

8e5fdbc178bf77648ed9ac19dc54bbb0
SHA1

f5b42cbdadbd28b078a5b944714bcaa29a20b9b7
SHA256

d0bfcac2ccda5f479ff8256830c964decc36b170aa7dbfa3b528745ae60d4206
SHA512

eda94fdf7af51be05c868d736e0bf72256e731dda588c97cf45bfc8e0a0f590ce88b01023388a302b684fb5a4b22076a409921c80a3635eb820a867b98755c61
SSDEEP

24576:+keAeAeAeAeAeAeAeAeAeKv8+5QWWkZM6BMues:0bbbbbbbbbKv8+bZPo

Score

N/A

Malware Config

Signatures

Files

d0bfcac2ccda5f479ff8256830c964decc36b170aa7dbfa3b528745ae60d4206
.exe windows x86

8647662dc8744a01c64452dbeb3b1bb4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MoveWindow
DefWindowProcA
GetClientRect
IsIconic
GetWindowTextLengthA
IsWindowVisible
PostQuitMessage
GetParent
RegisterClassA
CreateWindowExA

oleaut32

SysFreeString
SysAllocString
VariantClear

kernel32

lstrlenA
LocalFree
VirtualAlloc
InterlockedDecrement
HeapAlloc
Sleep
GetProcessId
GetCurrentThreadId
GetProcessVersion
GetThreadPriority
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetProcAddress
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RaiseException
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
IsBadWritePtr
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

advapi32

RegQueryValueA

ws2_32

WSACancelAsyncRequest

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 731KB - Virtual size: 733KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8647662dc8744a01c64452dbeb3b1bb4

Headers

File Characteristics

Imports

user32

oleaut32

kernel32

advapi32

ws2_32

Sections

.text Size: 53KB - Virtual size: 52KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 731KB - Virtual size: 733KB

.text
Size: 53KB - Virtual size: 52KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 731KB - Virtual size: 733KB