1ba2464417e503fe1c73c1cb8674bf8cb97a1bc1da29e03a25be39b0b4c5b7a7

Sharing

Copy URL Twitter E-mail

General

Target

1ba2464417e503fe1c73c1cb8674bf8cb97a1bc1da29e03a25be39b0b4c5b7a7
Size

137KB
MD5

15a7cdc2116b4002b91e321e3c76f560
SHA1

2dab2bbfef74d47c81e801db8bd91a6503f37790
SHA256

1ba2464417e503fe1c73c1cb8674bf8cb97a1bc1da29e03a25be39b0b4c5b7a7
SHA512

66fb63b790834b09694bfa2e902e48e808168a9b20fea83dca213e48888d24efb80078124c2f1643ae749d3a06cd84b72c57909c0ab86790dea4652a8722f613
SSDEEP

3072:lEsUqjkvgALrROXqDvZ4e/hCL3CQ9vnkuOfpYoizXKv6tF/JQEgUlW:ppjqgAIsR4e5CL3C+vdOfppIXKSNrpU

Score

N/A

Malware Config

Signatures

Files

1ba2464417e503fe1c73c1cb8674bf8cb97a1bc1da29e03a25be39b0b4c5b7a7
.exe windows x86

b95d1ba53aab79060e394977dc35f477

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowLongW
LoadIconW
DrawFocusRect
GetQueueStatus
EndPaint
SendMessageTimeoutA
DrawStateA
EnumPropsExW
RegisterWindowMessageA
SetWindowsHookA
ChangeClipboardChain

shell32

DragQueryPoint
DragAcceptFiles
ShellExecuteExA
Shell_NotifyIconW
ShellExecuteA
DoEnvironmentSubstW
FindExecutableA

wininet

FtpSetCurrentDirectoryW
InternetCreateUrlW
InternetReadFileExW
RetrieveUrlCacheEntryFileA
HttpQueryInfoA
InternetCreateUrlA

gdi32

CreateDIBSection
CancelDC
CloseFigure
CombineTransform
CombineRgn

kernel32

CreateFileW
WriteConsoleW
CloseHandle
GetStringTypeW
LCMapStringW
IsProcessorFeaturePresent
SetStdHandle
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapReAlloc
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
ReadFile
ReadConsoleInputA
SetConsoleMode
SetFilePointer
UnhandledExceptionFilter
GlobalSize
LoadModule
CreateJobObjectW
WriteFileEx
GetComputerNameExA
EndUpdateResourceA
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
HeapCreate
EncodePointer
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
RtlUnwind
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryW
Sleep
HeapFree
MultiByteToWideChar

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hjbnclr
Size: - Virtual size: 76KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b95d1ba53aab79060e394977dc35f477

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

wininet

gdi32

kernel32

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 86KB - Virtual size: 114KB

hjbnclr Size: - Virtual size: 76KB

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 86KB - Virtual size: 114KB

hjbnclr
Size: - Virtual size: 76KB