ab05b7afb2925ad1f153e36828ae7c1640e1cd3bfeaed0045793ff6c2ad6c08a

Sharing

Copy URL Twitter E-mail

General

Target

ab05b7afb2925ad1f153e36828ae7c1640e1cd3bfeaed0045793ff6c2ad6c08a
Size

230KB
MD5

4a43ae86f5dd541d47db0c435ca418ae
SHA1

0b1515db97f86b3cae133c018ca33f273a10ddce
SHA256

ab05b7afb2925ad1f153e36828ae7c1640e1cd3bfeaed0045793ff6c2ad6c08a
SHA512

4c1e197145180738e716f1dd1d1761bc28c67522f851758e0b229b0c6012e2d3bfba86f9d0e4228faefb88200832968e047a2542aeaf5560de647390c624f7dd
SSDEEP

3072:zBxBDi7HvvjhlmhvfY9FgqvYqR0zaZLwgtFVGhCG7MszbZM:zBxBDi7Pdl8YFLRlZltFV3Jse

Score

N/A

Malware Config

Signatures

Files

ab05b7afb2925ad1f153e36828ae7c1640e1cd3bfeaed0045793ff6c2ad6c08a
.exe windows x86

f7b2547b1fb290250560a8db881af74d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
HeapAlloc
HeapReAlloc
InterlockedExchange
InterlockedIncrement
LeaveCriticalSection
LoadLibraryW
LocalAlloc
LocalFree
MultiByteToWideChar
OutputDebugStringA
RaiseException
ReleaseMutex
SetCurrentDirectoryW
GetWindowsDirectoryA
SetLastError
SetThreadLocale
Sleep
WaitForMultipleObjects
WideCharToMultiByte
WriteFile
lstrcpyA
lstrlenA
lstrlenW
GetStartupInfoA
VirtualAlloc
CreateFileA
GetOEMCP
GetThreadLocale
GetProcAddress
GetPrivateProfileIntW
GetModuleHandleW
GetModuleFileNameW
GetLastError
GetFileAttributesW
FormatMessageW
FormatMessageA
CloseHandle
ExitProcess
EnterCriticalSection
CreateProcessW
CreateFileW
CreateEventA
SetEvent

user32

GetWindowRect
KillTimer
CharLowerW
MapDialogRect
MessageBoxA
MessageBoxW
PostMessageW
SendMessageW
SetFocus
SetTimer
GetSysColor
GetDlgItem

gdi32

SelectObject
GetTextMetricsW
CreateDCW
DeleteDC
GetStockObject
GetTextExtentPointW

advapi32

RegCloseKey
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegDeleteValueW
GetUserNameW
RegDeleteKeyW

shlwapi

StrStrIA
StrCpyNW
SHRegGetBoolUSValueA
SHGetValueA
PathRemoveFileSpecA
PathQuoteSpacesA
PathFindFileNameA
PathAppendA
wnsprintfA

msvcrt

_XcptFilter
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_abnormal_termination
_acmdln
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_initterm
_iob
_mbscmp
_mbscpy
_mbsicmp
_mbsinc
_mbslwr
_mbsnbcmp
_mbsnbicmp
_snwprintf
_vsnwprintf
_wcsicmp
_wcsnicmp
_wmakepath
_wsplitpath
_wtoi
exit
free
fwprintf
iswctype
malloc
memmove
setlocale
swscanf
wcschr
wcscmp
wcscpy
wcslen
wcsncmp
wcsrchr

Sections

.data8
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data7
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data6
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data5
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7b2547b1fb290250560a8db881af74d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

msvcrt

Sections

.data8 Size: 1024B - Virtual size: 1000B

.data7 Size: 1024B - Virtual size: 1000B

.data6 Size: 1024B - Virtual size: 1000B

.data2 Size: 1024B - Virtual size: 1000B

.text Size: 86KB - Virtual size: 85KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 392B

.data5 Size: 115KB - Virtual size: 114KB

.reloc Size: 20KB - Virtual size: 19KB

.data8
Size: 1024B - Virtual size: 1000B

.data7
Size: 1024B - Virtual size: 1000B

.data6
Size: 1024B - Virtual size: 1000B

.data2
Size: 1024B - Virtual size: 1000B

.text
Size: 86KB - Virtual size: 85KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 392B

.data5
Size: 115KB - Virtual size: 114KB

.reloc
Size: 20KB - Virtual size: 19KB