b0c66dd62f4225ea5992a7be386964f0eb2b622d12229b401859b385d3e533e5

Sharing

Copy URL

Twitter E-mail

General

Target

b0c66dd62f4225ea5992a7be386964f0eb2b622d12229b401859b385d3e533e5
Size

230KB
MD5

de61471ddab25786a600a433fde40079
SHA1

fa463e40f44768f29af08744ea433dd553bb2ad0
SHA256

b0c66dd62f4225ea5992a7be386964f0eb2b622d12229b401859b385d3e533e5
SHA512

8af05725aa388769453355cc1dca8761be32c04aa16d48371e7c83b616f269303709a5e47177cdfa8c099e006edcf06c64c549bced8ea89d032355c278f073d0
SSDEEP

3072:NBxBDi7HvvjhlmhvfY9FgqvYqR0zaZLwgtFVGhCG7MszbZM:NBxBDi7Pdl8YFLRlZltFV3Jse

Score

N/A

Malware Config

Signatures

Files

b0c66dd62f4225ea5992a7be386964f0eb2b622d12229b401859b385d3e533e5
.exe windows x86

f7b2547b1fb290250560a8db881af74d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
HeapAlloc
HeapReAlloc
InterlockedExchange
InterlockedIncrement
LeaveCriticalSection
LoadLibraryW
LocalAlloc
LocalFree
MultiByteToWideChar
OutputDebugStringA
RaiseException
ReleaseMutex
SetCurrentDirectoryW
GetWindowsDirectoryA
SetLastError
SetThreadLocale
Sleep
WaitForMultipleObjects
WideCharToMultiByte
WriteFile
lstrcpyA
lstrlenA
lstrlenW
GetStartupInfoA
VirtualAlloc
CreateFileA
GetOEMCP
GetThreadLocale
GetProcAddress
GetPrivateProfileIntW
GetModuleHandleW
GetModuleFileNameW
GetLastError
GetFileAttributesW
FormatMessageW
FormatMessageA
CloseHandle
ExitProcess
EnterCriticalSection
CreateProcessW
CreateFileW
CreateEventA
SetEvent

user32

GetWindowRect
KillTimer
CharLowerW
MapDialogRect
MessageBoxA
MessageBoxW
PostMessageW
SendMessageW
SetFocus
SetTimer
GetSysColor
GetDlgItem

gdi32

SelectObject
GetTextMetricsW
CreateDCW
DeleteDC
GetStockObject
GetTextExtentPointW

advapi32

RegCloseKey
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegDeleteValueW
GetUserNameW
RegDeleteKeyW

shlwapi

StrStrIA
StrCpyNW
SHRegGetBoolUSValueA
SHGetValueA
PathRemoveFileSpecA
PathQuoteSpacesA
PathFindFileNameA
PathAppendA
wnsprintfA

msvcrt

_XcptFilter
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_abnormal_termination
_acmdln
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_initterm
_iob
_mbscmp
_mbscpy
_mbsicmp
_mbsinc
_mbslwr
_mbsnbcmp
_mbsnbicmp
_snwprintf
_vsnwprintf
_wcsicmp
_wcsnicmp
_wmakepath
_wsplitpath
_wtoi
exit
free
fwprintf
iswctype
malloc
memmove
setlocale
swscanf
wcschr
wcscmp
wcscpy
wcslen
wcsncmp
wcsrchr

Sections

.data8
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data7
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data6
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data5
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7b2547b1fb290250560a8db881af74d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

msvcrt

Sections

.data8 Size: 1024B - Virtual size: 1000B

.data7 Size: 1024B - Virtual size: 1000B

.data6 Size: 1024B - Virtual size: 1000B

.data2 Size: 1024B - Virtual size: 1000B

.text Size: 86KB - Virtual size: 85KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 392B

.data5 Size: 115KB - Virtual size: 114KB

.reloc Size: 20KB - Virtual size: 19KB

.data8
Size: 1024B - Virtual size: 1000B

.data7
Size: 1024B - Virtual size: 1000B

.data6
Size: 1024B - Virtual size: 1000B

.data2
Size: 1024B - Virtual size: 1000B

.text
Size: 86KB - Virtual size: 85KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 392B

.data5
Size: 115KB - Virtual size: 114KB

.reloc
Size: 20KB - Virtual size: 19KB