bb8dc788600d720dd67ff347ba3811fc7efe2b1c091b6c2f2e716ae2ff5f7bed

Sharing

Copy URL Twitter E-mail

General

Target

bb8dc788600d720dd67ff347ba3811fc7efe2b1c091b6c2f2e716ae2ff5f7bed
Size

536KB
MD5

039078151cbb8a33a0ad538f00b79e13
SHA1

f2565963f574a91931eee5d0fbfd7b781686ab70
SHA256

bb8dc788600d720dd67ff347ba3811fc7efe2b1c091b6c2f2e716ae2ff5f7bed
SHA512

4fff62feaa29a409b80e62773079b7d0d337a6cbf93776c988f02fee00c0fff242a2e32389e928cdae12fde11492a47a74a798b3486fcf8091b784bb3b5a8bd5
SSDEEP

12288:MoevToK3vxqE47wHbJZ743ApNZclX2KJlPUd4DAU:MlvT//nJjpgZUWA

Score

N/A

Malware Config

Signatures

Files

bb8dc788600d720dd67ff347ba3811fc7efe2b1c091b6c2f2e716ae2ff5f7bed
.exe windows x86

57448eb9ce1c617b0c9117500b9a4c15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCurrentDirectoryA
GetCommandLineW
LockResource
GetCurrentProcessId
SizeofResource
FileTimeToLocalFileTime
lstrlenW
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
HeapCreate
SetStdHandle
GetLastError
LeaveCriticalSection
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
CreateEventW
SetEvent
GetProcAddress
FindNextFileA
CreateFileMappingA
ResetEvent
FindNextFileW
WriteFile
CompareStringW
GetProcessHeap
GetSystemInfo
GlobalLock
GetCPInfo
SetErrorMode
DeleteFileA
CreateDirectoryA
LCMapStringW
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
IsBadWritePtr
GetTickCount
QueryPerformanceCounter
GetOEMCP
lstrcmpiA
SetHandleCount
EnterCriticalSection
HeapFree
CloseHandle
SetFilePointer
InterlockedIncrement
GetCurrentThreadId
SetEndOfFile
GetConsoleMode
GlobalAlloc
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
MultiByteToWideChar
UnhandledExceptionFilter
GetPrivateProfileStringA
LoadLibraryExA
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
VirtualProtect
GetModuleFileNameW
TlsGetValue
SetLastError
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
InitializeCriticalSection
GetExitCodeProcess
LocalFree
FreeLibrary
GetFullPathNameA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
InterlockedExchange
GetStringTypeA
WideCharToMultiByte
GetLocaleInfoW
FreeEnvironmentStringsW
LoadLibraryExW
LocalAlloc
GetLocaleInfoA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetLocalTime
GetFileAttributesW
HeapDestroy
FindFirstFileW
GetDriveTypeA
WaitForSingleObject
GetConsoleOutputCP
GetStdHandle
GetEnvironmentVariableA
RtlUnwind
ReadFile
FindFirstFileA
GetACP
GetVersion
GetEnvironmentStrings
CreateProcessA
UnmapViewOfFile
FindResourceW
VirtualFree
Sleep
FindResourceA
VirtualAlloc
WriteConsoleW
CompareStringA

user32

EndPaint
SetTimer
GetSubMenu
RegisterClassA
EnableMenuItem
IsWindowEnabled
TranslateMessage
SetWindowPos
PeekMessageA
EnableWindow
SetCapture
ShowWindow
SetFocus
GetParent
GetMessageA
DestroyWindow
GetClientRect
ReleaseDC
GetCursorPos
GetDC
DispatchMessageA
IsWindow
LoadBitmapA
PostQuitMessage
ClientToScreen
KillTimer
DefWindowProcA
GetSystemMetrics
GetWindowRect
PostMessageA
UpdateWindow
GetWindowLongA
CreateWindowExA
GetDlgItem
ScreenToClient
LoadCursorA
LoadIconA
SendMessageA
GetDesktopWindow
EndDialog
SetCursor
InvalidateRect
wsprintfA
CallWindowProcA
SetWindowLongA

oleaut32

SysAllocString
VariantInit
SysFreeString
SysAllocStringLen
SysStringLen
VariantClear

advapi32

OpenProcessToken
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegSetValueExW

gdi32

CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
DeleteDC
GetDeviceCaps
BitBlt

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 500KB - Virtual size: 498KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57448eb9ce1c617b0c9117500b9a4c15

Headers

File Characteristics

Imports

kernel32

user32

oleaut32

advapi32

gdi32

Sections

.text Size: 24KB - Virtual size: 21KB

.data Size: 500KB - Virtual size: 498KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 24KB - Virtual size: 21KB

.data
Size: 500KB - Virtual size: 498KB

.rsrc
Size: 8KB - Virtual size: 7KB