cbbd16abfd0c983d55602f7cc30c9dc6f2e6da6193b00e22f387079f3a5d1161

Sharing

Copy URL Twitter E-mail

General

Target

cbbd16abfd0c983d55602f7cc30c9dc6f2e6da6193b00e22f387079f3a5d1161
Size

159KB
MD5

5cfa3a4f8b7b038a4a78b2ba956246b2
SHA1

8cd7471f74af4986553f829581b51e5a058e6140
SHA256

cbbd16abfd0c983d55602f7cc30c9dc6f2e6da6193b00e22f387079f3a5d1161
SHA512

c467865e71d75b06739aa2648565e07883dc28e99cf337f5def1c5ae6e2f0680915d1cbd39c575c8dadddd512ff8c8bc5b5ecae7964851113b861528760254a3
SSDEEP

3072:6HW9t48YHk8NS6wZXf2E5T/5kmzHzb2aSP79t7YU6ODyFmUrrmyB/rWA:62w8YLNS6iNhkmLzvAGnmU/m+W

Score

N/A

Malware Config

Signatures

Files

cbbd16abfd0c983d55602f7cc30c9dc6f2e6da6193b00e22f387079f3a5d1161
.exe windows x86

2afbbbfd32ed1fbfa55ff77f99de39d0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msi

ord65

user32

LoadIconA
SetWindowTextA
GetWindowTextLengthA
GetWindowDC
LoadCursorA
ReleaseDC
GetDesktopWindow

kernel32

GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetEnvironmentStrings
GetCurrentProcessId
VirtualAlloc
GetLocaleInfoW
GetProcAddress
GetModuleHandleA
GetStdHandle
GetVersionExA
GetEnvironmentStringsW
IsDebuggerPresent
CreateEventA
GetTickCount
CompareStringA
CompareStringW
GetCommandLineA
TlsAlloc
GetStartupInfoA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
SetHandleCount
GetFileType
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
SetEnvironmentVariableA
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
HeapReAlloc
IsBadWritePtr
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
Sleep

gdi32

SetTextAlign
GetTextColor
GetTextMetricsA

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2afbbbfd32ed1fbfa55ff77f99de39d0

Headers

DLL Characteristics

File Characteristics

Imports

msi

user32

kernel32

gdi32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 111KB - Virtual size: 193KB

.rsrc Size: 1024B - Virtual size: 616B

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 111KB - Virtual size: 193KB

.rsrc
Size: 1024B - Virtual size: 616B