bbea96773ef3f9f4def69171db736a18144e81b7f19f56a7136b1728e618b084

Sharing

Copy URL Twitter E-mail

General

Target

bbea96773ef3f9f4def69171db736a18144e81b7f19f56a7136b1728e618b084
Size

262KB
MD5

5125cfecb3c58b6653b044586f44e550
SHA1

00b86336450c2166eb0d9e0ac9c0292a92aaa6ea
SHA256

bbea96773ef3f9f4def69171db736a18144e81b7f19f56a7136b1728e618b084
SHA512

9607d0d1c8ef9af6be1ed1c564ae91607e8774ef3cb3adf5fa6a6aaae5f13b2a72fd1adabb4f5195bd6ba179ea2a49df7e9f46519e40117d0a5dc7cab4b5b405
SSDEEP

3072:rFYVsaX8inWCXU0rlD4f+0XwgMZfqNa3CEJGmr9HxKD0fBY25c95qRt7w:rFMOinWA34bF1N8CEHBwDsBYD

Score

N/A

Malware Config

Signatures

Files

bbea96773ef3f9f4def69171db736a18144e81b7f19f56a7136b1728e618b084
.exe windows x86

fc817308eb2864a64a75d5d123e90e8a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
DeleteFileW
GetCurrentProcessId
ResumeThread
GetVolumeInformationW
CreateThread
GetFileSize
ReadFile
FindFirstFileW
CreateDirectoryW
GetFileAttributesW
MoveFileW
FindClose
RemoveDirectoryW
FindNextFileW
SetFilePointer
FreeLibrary
LoadLibraryW
GetProcAddress
ResetEvent
GetModuleFileNameW
GetUserDefaultLCID
GetUserDefaultLangID
GetVersionExW
GetTimeZoneInformation
GetDiskFreeSpaceW
GlobalMemoryStatusEx
GetSystemInfo
OpenProcess
TerminateProcess
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
FindResourceW
OpenFileMappingW
GetTickCount
GetCurrentThread
SetFileTime
SizeofResource
LockResource
GetFileTime
CreateEventW
CreateFileMappingW
CreateFileW
WriteFile
GetLogicalDrives
SetEvent
GetComputerNameW
WaitForSingleObject
FlushFileBuffers
CreateFileA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
SetEnvironmentVariableA
CompareStringW
CompareStringA
HeapSize
LoadLibraryA
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
IsValidCodePage
GetDriveTypeW
UnmapViewOfFile
MapViewOfFile
SetFileAttributesW
GetWindowsDirectoryW
SystemTimeToFileTime
CopyFileW
LoadResource
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetLastError
HeapFree
HeapAlloc
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCommandLineA
GetStartupInfoA
RtlUnwind
RaiseException
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetModuleHandleW
Sleep
ExitProcess
GetStdHandle
GetModuleFileNameA
GetModuleHandleA

advapi32

RegCloseKey
RegSetValueExW
GetUserNameW
RegDeleteValueW
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyW

user32

RegisterClassW
CreateWindowExW
SetWindowLongW
GetWindowLongW
TranslateMessage
ExitWindowsEx
PostQuitMessage
GetMessageW
SendMessageW
DestroyWindow
UnhookWindowsHookEx
EnumDisplaySettingsW
EnumDisplayDevicesW
GetCursorPos
ReleaseDC
GetForegroundWindow
WindowFromPoint
DefWindowProcW
DispatchMessageW
LockWorkStation
GetWindowRect
GetWindowDC

shell32

SHGetFolderPathW
ShellExecuteW

gdi32

CreateCompatibleDC
SelectObject
DeleteObject
GetDIBits
DeleteDC
StretchBlt
CreateCompatibleBitmap

msi

ord70
ord45

wsock32

recv
connect
send
gethostbyname
closesocket
socket
WSACleanup
shutdown
htons
htonl
ntohl
WSAStartup

Sections

.text
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fc817308eb2864a64a75d5d123e90e8a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

shell32

gdi32

msi

wsock32

Sections

.text Size: 156KB - Virtual size: 156KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 56KB - Virtual size: 56KB

.reloc Size: - Virtual size: 12KB

.aspack Size: 17KB - Virtual size: 20KB

.adata Size: - Virtual size: 4KB

.text
Size: 156KB - Virtual size: 156KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 56KB - Virtual size: 56KB

.reloc
Size: - Virtual size: 12KB

.aspack
Size: 17KB - Virtual size: 20KB

.adata
Size: - Virtual size: 4KB