b9e30cecf93129d0a36564eca53a788c3a798e244aea316fc797932871b9e9b7

Sharing

Copy URL Twitter E-mail

General

Target

b9e30cecf93129d0a36564eca53a788c3a798e244aea316fc797932871b9e9b7
Size

199KB
MD5

6faf2f3f0ff7b803419e112cc5f91011
SHA1

23eaf1b732ed6bf21cec2f9a0c8ccf9fe1466c31
SHA256

b9e30cecf93129d0a36564eca53a788c3a798e244aea316fc797932871b9e9b7
SHA512

fb9033317732ec123b3058143f6a76903d493e1d11216ab0de7469389f2450cdfe273c051208eeeaa30bd1b9ed562eae988bb998033a42c0ca97b2ff31660c19
SSDEEP

6144:Z/3pbhK890PsDBWD81EUx2itvScRm3bUUA9NXgIA:Z/3dw89UsDsD81EUFHRW0NXxA

Score

N/A

Malware Config

Signatures

Files

b9e30cecf93129d0a36564eca53a788c3a798e244aea316fc797932871b9e9b7
.exe windows x86

a5074b9b9a154cc0063255469628843e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

StgCreateDocfile
CreateBindCtx
BindMoniker
StringFromGUID2
CoCreateInstance
StgOpenStorage
CoUninitialize
GetRunningObjectTable
CoTaskMemAlloc
StgIsStorageFile
CoTaskMemFree
CreateItemMoniker
CoInitialize

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

shell32

SHGetSpecialFolderPathW
SHGetSpecialFolderPathA

gdi32

CreateDIBitmap

iphlpapi

GetBestInterface
GetAdaptersInfo
SendARP

wininet

InternetOpenUrlA
InternetCloseHandle
InternetReadFile
InternetOpenA

kernel32

FreeLibrary
GetACP
GetCurrentThreadId
LoadLibraryExA
VirtualFree
CreateEventA
GetWindowsDirectoryA
GetLastError
CreateFiberEx
GetModuleHandleA
GetVersion
GetFileAttributesA
EnterCriticalSection
WaitForMultipleObjects
IsBadWritePtr
GetSystemTime
GetDevicePowerState
InterlockedExchange
VirtualAlloc
GlobalMemoryStatus
CreateFileA
GetModuleFileNameA
SetLastError
FlushInstructionCache
InterlockedIncrement
SetThreadPriority
IsBadReadPtr
GetComputerNameA
GetDiskFreeSpaceA
GetTickCount
GetPrivateProfileStringA
CreateProcessA
WaitForSingleObject
lstrlenA
DefineDosDeviceA
EnumResourceNamesW
DeviceIoControl
LocalFree
GetLocalTime
_llseek
GetThreadPriority
InitializeCriticalSection
GetSystemDirectoryA
LoadLibraryA
GetSystemInfo
GetTempPathA
OutputDebugStringA
SetEvent
LeaveCriticalSection
GetVersionExA
ResetEvent
CreateSemaphoreA
FlushFileBuffers
DeleteFileA
CreateMutexA
QueryDosDeviceA
DeleteCriticalSection
LocalAlloc
CreateThread
GetCurrentThread
Sleep
VirtualQuery
GetCurrentProcessId
CloseHandle
CompareStringA
ReadFile
CreateDirectoryA
QueryPerformanceCounter
WriteFile
InterlockedDecrement
GetLocaleInfoA
ReleaseMutex

user32

wsprintfA
MsgWaitForMultipleObjects
GetDesktopWindow
DispatchMessageA
DestroyWindow
RealGetWindowClassA
ShowWindow
GetQueueStatus
CreateDialogParamA
PostThreadMessageA
GetDC
PeekMessageA
ReleaseDC
RegisterWindowMessageA
wvsprintfA

winmm

timeGetTime
timeSetEvent

advapi32

RegCreateKeyExA
CryptGetHashParam
RegEnumKeyExA
GetUserNameA
CryptEncrypt
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
CryptCreateHash
RegSetValueExA
CryptImportKey
RegEnumValueA
CryptHashData
CryptDestroyKey
CryptReleaseContext
CryptDestroyHash
RegCloseKey

Sections

.text
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5074b9b9a154cc0063255469628843e

Headers

File Characteristics

Imports

ole32

setupapi

shell32

gdi32

iphlpapi

wininet

kernel32

user32

winmm

advapi32

Sections

.text Size: 170KB - Virtual size: 169KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 23KB - Virtual size: 23KB

.tls Size: 512B - Virtual size: 356KB

.text
Size: 170KB - Virtual size: 169KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 23KB - Virtual size: 23KB

.tls
Size: 512B - Virtual size: 356KB