bb4ec59adf568e39d4f8e355ab523413120cdd9641a1aaed79574e2084774478

Sharing

Copy URL Twitter E-mail

General

Target

bb4ec59adf568e39d4f8e355ab523413120cdd9641a1aaed79574e2084774478
Size

533KB
MD5

6541446dc5fdc0c0b29a29386f14c926
SHA1

b389317f3c94042e805b53c156f5998ccbd7331a
SHA256

bb4ec59adf568e39d4f8e355ab523413120cdd9641a1aaed79574e2084774478
SHA512

803c6ac9ac4fdbd7e272b61936b10b522393774a37a8f770635a0eac7d6a9499fd538992e3d2cee65a0080bbdd646bb9868e9b39d6e00f65fd656ef7cb57a990
SSDEEP

12288:sWiPrQsirPES1ACz4BtZunEU9w48hrsNCX3KQL2n06HLhOaC/Zh:sWiPrQJryCz4Va/SSu3RLwLhOa4/

Score

N/A

Malware Config

Signatures

Files

bb4ec59adf568e39d4f8e355ab523413120cdd9641a1aaed79574e2084774478
.exe windows x86

0df45b5a824b38bb4bfb644e1bfa3d6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClipboardFormatNameA
RegisterClassA
DestroyWindow
DdeImpersonateClient
GetWindowModuleFileNameW
DefWindowProcW
IsWindowVisible
RegisterClassExA
DrawMenuBar
CreateWindowExW
CharLowerA
SetUserObjectInformationW
DrawTextW
ShowWindow
wsprintfW
MessageBoxW

kernel32

GetModuleHandleA
HeapDestroy
GetCommandLineA
EnterCriticalSection
SetConsoleTitleA
GetCurrentThread
InterlockedIncrement
EnumSystemLocalesA
GetProcAddress
QueryPerformanceCounter
SetLastError
GetConsoleOutputCP
GetLocaleInfoW
FreeEnvironmentStringsA
TlsAlloc
CreateMutexA
SetConsoleCtrlHandler
InitializeCriticalSection
GetStringTypeExA
Sleep
GetStartupInfoW
GetStdHandle
HeapAlloc
GetCurrentProcessId
InterlockedExchange
GetLocaleInfoA
FlushFileBuffers
ReadFile
TlsSetValue
SetEnvironmentVariableA
GetFileType
GetUserDefaultLCID
WriteFile
CreateFileA
GetStartupInfoA
GetConsoleCP
SetStdHandle
DeleteCriticalSection
InterlockedDecrement
MultiByteToWideChar
GetTimeZoneInformation
LCMapStringW
FreeLibrary
LeaveCriticalSection
GetCurrentThreadId
HeapSize
CompareStringW
GetConsoleMode
SetUnhandledExceptionFilter
GetModuleFileNameA
GetStringTypeW
ExitProcess
TerminateProcess
WriteProfileStringW
IsDebuggerPresent
GetEnvironmentStringsW
SetHandleCount
SetFilePointer
WriteConsoleA
GetLastError
GetCommandLineW
GetModuleFileNameW
IsValidLocale
TlsFree
GetOEMCP
GetProcessHeap
WideCharToMultiByte
RtlUnwind
OpenMutexA
VirtualQuery
IsValidCodePage
FreeEnvironmentStringsW
lstrcmpiA
GetProfileStringW
DeleteAtom
TlsGetValue
GetVersionExA
GetEnvironmentStrings
CompareStringA
CloseHandle
GetSystemTimeAsFileTime
EnumTimeFormatsA
WriteConsoleW
CreateThread
GetCurrentProcess
UnhandledExceptionFilter
LoadLibraryA
VirtualAlloc
SetConsoleCursorPosition
HeapFree
LCMapStringA
HeapCreate
GetStringTypeA
GetACP
GetDateFormatA
VirtualFree
GetCPInfo
GetTimeFormatA
HeapReAlloc
GetTickCount

wininet

SetUrlCacheEntryInfoW
UrlZonesDetach
InternetGoOnlineA
GetUrlCacheGroupAttributeW
InternetFortezzaCommand
DeleteUrlCacheGroup
FindFirstUrlCacheGroup
InternetGetCookieW

comdlg32

ChooseColorA
GetSaveFileNameW
GetFileTitleW
FindTextW

comctl32

ImageList_Draw
InitCommonControlsEx
ImageList_Read

Sections

.text
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 214KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0df45b5a824b38bb4bfb644e1bfa3d6b

Headers

File Characteristics

Imports

user32

kernel32

wininet

comdlg32

comctl32

Sections

.text Size: 192KB - Virtual size: 192KB

.rdata Size: 214KB - Virtual size: 218KB

.data Size: 113KB - Virtual size: 113KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 192KB - Virtual size: 192KB

.rdata
Size: 214KB - Virtual size: 218KB

.data
Size: 113KB - Virtual size: 113KB

.rsrc
Size: 12KB - Virtual size: 12KB