fb88cc7ff706ff8e12d95641e50e1ed35a324a7425b1964d1390bf81b81cbc0d

Sharing

Copy URL Twitter E-mail

General

Target

fb88cc7ff706ff8e12d95641e50e1ed35a324a7425b1964d1390bf81b81cbc0d
Size

265KB
MD5

ea7cdd69f8bb9407020d3f8d54f6f42c
SHA1

63a9e86424bca69d7f71430bb334778cbedbcb05
SHA256

fb88cc7ff706ff8e12d95641e50e1ed35a324a7425b1964d1390bf81b81cbc0d
SHA512

48bf1de78f1fada39ae61ad7027f25806000ea004d820201d5a05205b5aef5ba5d41ad48627cb63e73d69bcd64ed4f900964ccde84f996fb87a92d350f910290
SSDEEP

6144:W/veHe59L2Qg2y++R3BSeaBDn6EyAGhK:WOHC3+3aphyAG

Score

N/A

Malware Config

Signatures

Files

fb88cc7ff706ff8e12d95641e50e1ed35a324a7425b1964d1390bf81b81cbc0d
.exe windows x86

6e7bb09b6a137d0756a3dbf17ae18d3b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteDC
CreateDIBitmap
BitBlt
SetPixel
StartDocW
AbortDoc
GetTextMetricsA

kernel32

OpenThread
GetSystemDirectoryA
GetCommandLineW
SetThreadPriority
FileTimeToLocalFileTime
CreateFileA
HeapAlloc
WaitForMultipleObjects
CreateThread
GetThreadPriority
CloseHandle
TlsFree
GetCurrentThreadId
CreateMutexA
GetFileSize
CompareFileTime
TlsAlloc
ResumeThread
HeapFree
GetCurrentDirectoryA
HeapReAlloc

user32

AppendMenuA
LoadImageA
LoadStringA
SetCursorPos
GetWindowTextLengthA
GetMenuItemID
DrawTextA
SetWindowPos
GetClientRect
GetWindowTextW
SystemParametersInfoA
DrawFrameControl
RegisterWindowMessageA
CharUpperA
DrawIcon
ExitWindowsEx
DefMDIChildProcW
DrawMenuBar
GetScrollPos
ShowWindow
EnableWindow
CloseClipboard
GetAsyncKeyState
MapWindowPoints
GetKeyboardState
GetCursorPos

ntdll

NtMapViewOfSection
NtCreateSection
ZwOpenFile

efsabduk

I2Str
FpR4
AryMove
IsEmpty
_CItan
I4Cy
LenB
GetMem2
InvokeMethod
LateIdNamedCallLd
I4Abs
Beep
IsMissing
CheckType
GetIDsOfNames
IsArray
AryLock
Partition
PutMemNewObj
PPMT
gCopy
LsetFixstr
ErrObj
R8IntI4
ChangeDrive
Move
GetDateValue
UI1
rtR4FromErr
RightTrimBstr
PMT
SetMem
DateStr
LineInput
SLN
CmpLt
IndexStoreObj
CyMulI2
Invoke
LateMemCallLd
StrAryToAnsi
rtR8FromErr
FormatCurrency
LateMemCall
EraseNoPop
PutMemEvent
GetFxStr4
ForEach
Div
PutMem1
CreateContext
PutMemObj
TextTstGt
RedimPreserve
TstEq
CopyBytes
LoadRunTime
LateMemNamedCallSt
Free
LateIdCall
LibraryLoad
RightCharBstr
IMEStatus
FileDateTime
RightBstr
CySub
StrFrom
LenBstrB
Type
QueryInterface
GetObjConnectionCounts
GetHourOfDay
GetTimeValue
AppActivate
PutMem2
Cos
FormatDateTime
MsgBox
SetContextWorkerThread
TextCmpLe
NextEachColl
AryCopy
I4Sgn
StrAryToUnicode
Cat
IndexLoadRef
StrDate

Sections

.text
Size: 217KB - Virtual size: 217KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e7bb09b6a137d0756a3dbf17ae18d3b

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

user32

ntdll

efsabduk

Sections

.text Size: 217KB - Virtual size: 217KB

.data Size: 15KB - Virtual size: 14KB

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 217KB - Virtual size: 217KB

.data
Size: 15KB - Virtual size: 14KB

.rsrc
Size: 32KB - Virtual size: 32KB