0cb9b343a8e8468084ba84f2360b70c0b08137f85569c376a0ca45003ce6bc7d

Sharing

Copy URL Twitter E-mail

General

Target

0cb9b343a8e8468084ba84f2360b70c0b08137f85569c376a0ca45003ce6bc7d
Size

179KB
MD5

ff71a73217e597c939f5e3fd99a5b70f
SHA1

1954a04ae1bd28f0293577a9cf5261f692865871
SHA256

0cb9b343a8e8468084ba84f2360b70c0b08137f85569c376a0ca45003ce6bc7d
SHA512

ef63dbb3f6447b398f4b2fde20d8c25e51b5e2ecdd95e925350ca0ceeefd9630066fae81fdd3c1911370b56b6ed3b661d46d09d21e0c6b64bfd301d480bd7307
SSDEEP

3072:KqPyXhNvqDt3BFk9uadky5dL2QVBhsNcvdjrG9hOLkn:IXhxqDFBeEa9dLLnhsNcvZrGGLK

Score

N/A

Malware Config

Signatures

Files

0cb9b343a8e8468084ba84f2360b70c0b08137f85569c376a0ca45003ce6bc7d
.exe windows x86

388983d7437c25fd34a9c7c672575a08

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

BeginUpdateResourceA
CloseHandle
CompareStringW
CreateFileA
CreateWaitableTimerA
DeleteCriticalSection
DeleteFiber
EnterCriticalSection
EnumDateFormatsW
ExitProcess
FindResourceExA
GetACP
GetCPInfo
GetCommandLineA
GetCurrentThreadId
GetEnvironmentStrings
GetEnvironmentVariableW
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetVersion
GetVersionExA
GlobalMemoryStatus
HeapAlloc
HeapFree
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
OpenMutexW
RaiseException
ReadConsoleOutputAttribute
RtlUnwind
SearchPathW
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
SetLastError
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualFreeEx
VirtualQuery
WideCharToMultiByte
WriteFile
WriteProfileStringW

gdi32

AbortDoc
AddFontResourceExA
CreateColorSpaceW
CreateDIBPatternBrushPt

user32

EnumThreadWindows
MessageBoxA
wsprintfA

ole32

CoFileTimeNow
CoRegisterMallocSpy
CoRegisterPSClsid
CoUnmarshalInterface
GetClassFile
IIDFromString
OleCreateFromFileEx
OleLoad
OleLockRunning

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 13KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

388983d7437c25fd34a9c7c672575a08

Headers

File Characteristics

Imports

kernel32

gdi32

user32

ole32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 40KB

.data Size: 13KB - Virtual size: 28KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 115KB - Virtual size: 115KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 40KB

.data
Size: 13KB - Virtual size: 28KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 115KB - Virtual size: 115KB

.reloc
Size: 4KB - Virtual size: 4KB