b7f27b67f1158ac34527444f8c11300f183ac6cec2c1b14f8cff2410cba976fb

Sharing

Copy URL Twitter E-mail

General

Target

b7f27b67f1158ac34527444f8c11300f183ac6cec2c1b14f8cff2410cba976fb
Size

136KB
MD5

e796e2d3f661baadee4ab606c706f4be
SHA1

41cdf46e112f530ce3ee1b0bb89d0e916e826723
SHA256

b7f27b67f1158ac34527444f8c11300f183ac6cec2c1b14f8cff2410cba976fb
SHA512

bc3d02730143a05e0e5a7ed29e88ef028b8d2666cd84a9cd151f1953507e920c44cd286347b7c998156ed0e1220ccba6dca32a854e493a418355ffc84807f666
SSDEEP

3072:SxldAuqwCfWQI4HpHZqAvqQDoiBOm9laWa/tYfT1/WGPW4xSxiMZXi:SpsHxZqBfip9laWqOW3WWXi

Score

N/A

Malware Config

Signatures

Files

b7f27b67f1158ac34527444f8c11300f183ac6cec2c1b14f8cff2410cba976fb
.exe windows x86

6f407c09da6e324f00a82c02a90b2dbf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLogicalDrives
OpenMutexA
GetCommandLineW
GetAtomNameW
GetCurrentThreadId
GetHandleInformation
SetCalendarInfoA
DosDateTimeToFileTime
CopyFileExW
GetModuleHandleW
SetCalendarInfoW
EnumDateFormatsA
SetLocaleInfoA
GetFileSize
SetUnhandledExceptionFilter
GlobalDeleteAtom
OpenProcess
GetDiskFreeSpaceW
OpenWaitableTimerA
CompareStringW
GetUserDefaultLCID
GetOEMCP
GetVolumeInformationW
WinExec
GetUserDefaultLangID
GetLogicalDriveStringsW
GetWindowsDirectoryA
ReplaceFileW
GetThreadPriority
GetStringTypeA
ExpandEnvironmentStringsW
Beep
GetStringTypeW
LoadResource
SetThreadPriority
GetProcAddress
GetFullPathNameW
GetModuleHandleA
ConnectNamedPipe
MulDiv
IsValidCodePage
CreateDirectoryW
CreateFileA
GetDateFormatW
lstrcmpW
GetExpandedNameW
GetCommandLineA

user32

SendDlgItemMessageW
GetAsyncKeyState
DestroyWindow
GetDC
EnumWindows
GetDC
SetCursor
SetDlgItemTextA
AppendMenuA
CharNextW
SetTimer
IsWindow

gdi32

GetTextExtentPointA
ColorCorrectPalette
RectVisible
ResetDCW
EnumFontsW
GetCharWidth32A
GetOutlineTextMetricsW
FixBrushOrgEx
SetPixelFormat
CreateDIBPatternBrushPt
EnumICMProfilesA

advapi32

RegOpenKeyW
RegFlushKey
RegCreateKeyW
RegEnumValueA
RegRestoreKeyW
RegOpenKeyA
RegDeleteValueA

shell32

StrStrA
StrRChrIW
ExtractIconExW
SHGetFolderPathW

ole32

CoFileTimeNow
CoGetDefaultContext
CoGetInstanceFromFile

setupapi

SetupLogFileA

wininet

InternetGetConnectedStateExA
InternetCreateUrlW
GetUrlCacheConfigInfoA
UnlockUrlCacheEntryFile
InternetShowSecurityInfoByURL
ReadUrlCacheEntryStream
InternetOpenW
InternetFindNextFileA
IsUrlCacheEntryExpiredA
FtpDeleteFileA
InternetAttemptConnect
DetectAutoProxyUrl
FindNextUrlCacheContainerW
ForceNexusLookupExW
GopherGetAttributeW
FreeUrlCacheSpaceA
InternetWriteFileExW
InternetShowSecurityInfoByURLW

sqlunirl

_SetWindowText@8

crypt32

CertAddCTLLinkToStore
CertGetCertificateChain
CryptCloseAsyncHandle
CertOpenSystemStoreA
I_CryptInstallOssGlobal
CryptVerifyDetachedMessageSignature
CertVerifyCertificateChainPolicy
CryptMemRealloc
CryptSIPRetrieveSubjectGuidForCatalogFile

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.TZeQV
Size: 1KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Bnl
Size: 2KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BAs
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rMBF
Size: 1KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.W
Size: 2KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xr
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JB
Size: 1024B - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bw
Size: 1024B - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f407c09da6e324f00a82c02a90b2dbf

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

setupapi

wininet

sqlunirl

crypt32

Sections

.text Size: 11KB - Virtual size: 10KB

.TZeQV Size: 1KB - Virtual size: 48KB

.Bnl Size: 2KB - Virtual size: 26KB

.BAs Size: 3KB - Virtual size: 4KB

.rMBF Size: 1KB - Virtual size: 27KB

.W Size: 2KB - Virtual size: 37KB

.xr Size: 2KB - Virtual size: 7KB

.data Size: 8KB - Virtual size: 7KB

.JB Size: 1024B - Virtual size: 31KB

.bw Size: 1024B - Virtual size: 204KB

.rsrc Size: 164KB - Virtual size: 163KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 10KB

.TZeQV
Size: 1KB - Virtual size: 48KB

.Bnl
Size: 2KB - Virtual size: 26KB

.BAs
Size: 3KB - Virtual size: 4KB

.rMBF
Size: 1KB - Virtual size: 27KB

.W
Size: 2KB - Virtual size: 37KB

.xr
Size: 2KB - Virtual size: 7KB

.data
Size: 8KB - Virtual size: 7KB

.JB
Size: 1024B - Virtual size: 31KB

.bw
Size: 1024B - Virtual size: 204KB

.rsrc
Size: 164KB - Virtual size: 163KB

.reloc
Size: 1KB - Virtual size: 1KB