bfc9418932f8e28d834d747ab00a7814f776d71472a8b16ca355457fbea9e1fa

Sharing

Copy URL Twitter E-mail

General

Target

bfc9418932f8e28d834d747ab00a7814f776d71472a8b16ca355457fbea9e1fa
Size

148KB
MD5

4ce43a7847e36024486223030f04ecfc
SHA1

30fe595fbeaa097fe46702a07cea481397a4336b
SHA256

bfc9418932f8e28d834d747ab00a7814f776d71472a8b16ca355457fbea9e1fa
SHA512

83287103944680927d65d38a2a9684030b290c3d37079a53d66c36dfe741ee2eec5d31875ab873641439260ae16e2dfaa2c8fd9de39c0309b377967cb9012a0d
SSDEEP

3072:H0H5GytDPVRiEEvFjP0lWOQN3kgZsMpLLT3UzBL5JEEqudrArNRy9:UUytDzil1PwKN3XsMlLT8LIudcK9

Score

N/A

Malware Config

Signatures

Files

bfc9418932f8e28d834d747ab00a7814f776d71472a8b16ca355457fbea9e1fa
.exe windows x86

b77a1d6fad37b7debd16ddd8951cb006

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadStringW
CharUpperW
wsprintfW
MessageBeep

mpr

WNetAddConnection2W
WNetCancelConnection2W
WNetGetLastErrorW

ole32

CoInitializeEx
CoInitializeSecurity
CoCreateInstance
CoTaskMemFree
CoUninitialize

secur32

AcceptSecurityContext
SaslInitializeSecurityContextA
LsaGetLogonSessionData
InitializeSecurityContextA
SetContextAttributesA
GetUserNameExW
GetUserNameExW
SaslInitializeSecurityContextW
QuerySecurityPackageInfoW
QuerySecurityPackageInfoA

ws2_32

WSAGetLastError
gethostbyaddr
WSAStartup
inet_addr
WSACleanup

netapi32

NetServerGetInfo
NetApiBufferFree

shlwapi

StrTrimW

msvcrt

_initterm
wcstol
__setusermatherr
wcsncmp
realloc
wcscat
_XcptFilter
_exit
_c_exit
_controlfp
__wgetmainargs
_iob
wcstok
exit
wcsrchr
calloc
swprintf
strtok
_wcsnicmp
_ultow
wcschr
wcscpy
iswctype
wcstoul
wcsstr
wcslen
wcsspn
wcspbrk
fflush
__set_app_type
wcstod
__winitenv
fprintf
free
_cexit

kernel32

lstrlenW
lstrcmpW
GetUserDefaultLCID
SetLocaleInfoA
GetCommModemStatus
VerifyVersionInfoW
GetTimeFormatW
FindAtomW
CmdBatNotification
GetCurrentDirectoryW
VerSetConditionMask
ReadConsoleW
CreateSemaphoreA
GetCurrentProcess
GetStdHandle
WriteConsoleOutputAttribute
GetDriveTypeW
SetHandleInformation
HeapLock
CreateTimerQueue
GetProfileSectionW
GetLogicalDriveStringsA
SetConsoleMode
GetProfileSectionA
CreateProcessA
EnumSystemCodePagesA
LoadResource
AddVectoredExceptionHandler
GetConsoleDisplayMode
UnhandledExceptionFilter
VirtualQuery
SetSystemTime
WriteConsoleW
Process32NextW
lstrcpyW
FreeLibrary
CreateMutexA
GetShortPathNameW
lstrcpynW
GetCurrentProcessId
IsBadStringPtrW
WriteProcessMemory
BeginUpdateResourceW
FileTimeToSystemTime
QueryPerformanceCounter
ReadFile
GetTickCount
GetDateFormatW
SetStdHandle
lstrcmpiW
VirtualAllocEx
IsSystemResumeAutomatic
SetUnhandledExceptionFilter
GetConsoleMode
SetLastError
GetComputerNameExW
BaseUpdateAppcompatCache
GetVolumePathNameW
_hwrite
SetConsoleDisplayMode
WideCharToMultiByte
Thread32Next
MoveFileExA
FormatMessageW
GlobalGetAtomNameW
GetConsoleWindow
TerminateProcess
MultiByteToWideChar
GetModuleHandleExW
SetWaitableTimer
LocalFree
RegisterWaitForSingleObject
GetAtomNameA
SetThreadPriority
GetLastError
GetLocaleInfoW
GetSystemTimeAsFileTime
BackupWrite
GetLocalTime
lstrcatW
GetExitCodeThread

wininet

InternetReadFileExA
ResumeSuspendedDownload
FtpSetCurrentDirectoryA
InternetSetCookieExW
FtpCommandA
CreateMD5SSOHash
IsUrlCacheEntryExpiredW
DeleteUrlCacheContainerW
InternetQueryOptionA
InternetConfirmZoneCrossing
IncrementUrlCacheHeaderData
InternetOpenA
CommitUrlCacheEntryA
ShowX509EncodedCertificate
FtpGetFileEx
InternetSetDialStateW
InternetQueryDataAvailable

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xpuJ
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_MEM_READ

.HPkW
Size: 2KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Id
Size: 2KB - Virtual size: 41KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.efwDpx
Size: 1KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UV
Size: 3KB - Virtual size: 40KB

IMAGE_SCN_MEM_READ

.LSF
Size: 1KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b77a1d6fad37b7debd16ddd8951cb006

Headers

File Characteristics

Imports

user32

mpr

ole32

secur32

ws2_32

netapi32

shlwapi

msvcrt

kernel32

wininet

Sections

.text Size: 16KB - Virtual size: 16KB

.xpuJ Size: 2KB - Virtual size: 6KB

.HPkW Size: 2KB - Virtual size: 45KB

.rdata Size: 5KB - Virtual size: 4KB

.Id Size: 2KB - Virtual size: 41KB

.data Size: 6KB - Virtual size: 33KB

.efwDpx Size: 1KB - Virtual size: 23KB

.UV Size: 3KB - Virtual size: 40KB

.LSF Size: 1KB - Virtual size: 33KB

.rsrc Size: 105KB - Virtual size: 105KB

.text
Size: 16KB - Virtual size: 16KB

.xpuJ
Size: 2KB - Virtual size: 6KB

.HPkW
Size: 2KB - Virtual size: 45KB

.rdata
Size: 5KB - Virtual size: 4KB

.Id
Size: 2KB - Virtual size: 41KB

.data
Size: 6KB - Virtual size: 33KB

.efwDpx
Size: 1KB - Virtual size: 23KB

.UV
Size: 3KB - Virtual size: 40KB

.LSF
Size: 1KB - Virtual size: 33KB

.rsrc
Size: 105KB - Virtual size: 105KB