3b0a34eec3fe78a9900ab300c8e3cb583a5572cd8505e916ff6e27edc7659e4b

Sharing

Copy URL

Twitter E-mail

General

Target

3b0a34eec3fe78a9900ab300c8e3cb583a5572cd8505e916ff6e27edc7659e4b
Size

157KB
MD5

36264f99ef90f60c824a50d4e1806801
SHA1

17f0e0a1019d6e9f90420d9affccaea5d2782eee
SHA256

3b0a34eec3fe78a9900ab300c8e3cb583a5572cd8505e916ff6e27edc7659e4b
SHA512

76ee1a0aeb365a0312065e0919ee3560357268ac2593dd62854f965c7bc5d4fe3b8ecff84dc505f478fd00fc30d8efca4885f412830e11ad0aab5674d7ce7424
SSDEEP

384:BHV9A9DtjN1TTTTrTTTTTTTTTTTTTTTTTTTTTTTTTTTTtO7pXwxe5ymTTTTTTTT5:BHPAh5a7LmGhJdF

Score

N/A

Malware Config

Signatures

Files

3b0a34eec3fe78a9900ab300c8e3cb583a5572cd8505e916ff6e27edc7659e4b
.exe windows x86

c30ec1c5cf03e7587f930b8da52f27ba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetCurrentThread
LocalAlloc
CloseHandle
CreateEventA
CreateFileMappingA
CreateMutexA
CreateProcessA
DuplicateHandle
ExitThread
FreeLibrary
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
VirtualAlloc
LoadLibraryA
LocalFree
MapViewOfFile
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
ReleaseMutex
SetErrorMode
SetEvent
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
WaitForMultipleObjects
WaitForSingleObject
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
lstrlenW
GetVersionExA
ReadFile

user32

LoadStringA
MsgWaitForMultipleObjects
PeekMessageA
RegisterClassA
SendMessageA
GetShellWindow
TranslateMessage
wsprintfA
GetForegroundWindow
LoadIconA
GetClassNameA
DispatchMessageA
DestroyWindow
DefWindowProcA
CreateWindowExA
CreateMenu
GetSysColor
GetSystemMetrics
ShowWindow
LoadCursorW

advapi32

RegOpenKeyW

shlwapi

StrStrIA
StrCpyNW
SHRegGetBoolUSValueA
SHGetValueA
PathRemoveFileSpecA
PathQuoteSpacesA
PathFindFileNameA
PathAppendA
wnsprintfA

msvcrt

_except_handler3

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data2
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data15
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data14
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data13
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data12
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data24
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data23
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data22
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data21
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data20
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data19
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data18
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data17
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data16
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data11
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data10
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data9
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data8
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data7
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data6
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data5
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data4
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text3
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 813KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c30ec1c5cf03e7587f930b8da52f27ba

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

msvcrt

Sections

.text Size: 32KB - Virtual size: 32KB

.data2 Size: 1024B - Virtual size: 548B

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 12KB

.data15 Size: 2KB - Virtual size: 1KB

.data14 Size: 2KB - Virtual size: 1KB

.data13 Size: 2KB - Virtual size: 1KB

.data12 Size: 2KB - Virtual size: 1KB

.data24 Size: 1024B - Virtual size: 548B

.data23 Size: 1024B - Virtual size: 548B

.data22 Size: 1024B - Virtual size: 548B

.data21 Size: 1024B - Virtual size: 548B

.data20 Size: 1024B - Virtual size: 548B

.data19 Size: 1024B - Virtual size: 548B

.data18 Size: 1024B - Virtual size: 548B

.data17 Size: 1024B - Virtual size: 548B

.data16 Size: 1024B - Virtual size: 548B

.data11 Size: 1024B - Virtual size: 548B

.data10 Size: 1024B - Virtual size: 548B

.data9 Size: 1024B - Virtual size: 548B

.data8 Size: 1024B - Virtual size: 548B

.data7 Size: 1024B - Virtual size: 548B

.data6 Size: 1024B - Virtual size: 548B

.data5 Size: 1024B - Virtual size: 548B

.data4 Size: 1024B - Virtual size: 548B

.data3 Size: 15KB - Virtual size: 15KB

.text3 Size: 49KB - Virtual size: 48KB

.text2 Size: 15KB - Virtual size: 15KB

.rsrc Size: 2KB - Virtual size: 813KB

.text
Size: 32KB - Virtual size: 32KB

.data2
Size: 1024B - Virtual size: 548B

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 12KB

.data15
Size: 2KB - Virtual size: 1KB

.data14
Size: 2KB - Virtual size: 1KB

.data13
Size: 2KB - Virtual size: 1KB

.data12
Size: 2KB - Virtual size: 1KB

.data24
Size: 1024B - Virtual size: 548B

.data23
Size: 1024B - Virtual size: 548B

.data22
Size: 1024B - Virtual size: 548B

.data21
Size: 1024B - Virtual size: 548B

.data20
Size: 1024B - Virtual size: 548B

.data19
Size: 1024B - Virtual size: 548B

.data18
Size: 1024B - Virtual size: 548B

.data17
Size: 1024B - Virtual size: 548B

.data16
Size: 1024B - Virtual size: 548B

.data11
Size: 1024B - Virtual size: 548B

.data10
Size: 1024B - Virtual size: 548B

.data9
Size: 1024B - Virtual size: 548B

.data8
Size: 1024B - Virtual size: 548B

.data7
Size: 1024B - Virtual size: 548B

.data6
Size: 1024B - Virtual size: 548B

.data5
Size: 1024B - Virtual size: 548B

.data4
Size: 1024B - Virtual size: 548B

.data3
Size: 15KB - Virtual size: 15KB

.text3
Size: 49KB - Virtual size: 48KB

.text2
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 2KB - Virtual size: 813KB