facb8774f0de517ea580e2b04c6d62ea8ac919f120fd9cc7ae81dbfa68557c4c

Sharing

Copy URL Twitter E-mail

General

Target

facb8774f0de517ea580e2b04c6d62ea8ac919f120fd9cc7ae81dbfa68557c4c
Size

17KB
MD5

15540a0561dc0f50f7dd44c5b5005249
SHA1

886b4047de2437135e190d353edf283f39197314
SHA256

facb8774f0de517ea580e2b04c6d62ea8ac919f120fd9cc7ae81dbfa68557c4c
SHA512

c8ba5d0c6c22697e9c10b95512ad26e47839397a9c88799cfa495c6633c4c60ae301347b52c71a5e1d1187481748346b21d2e45491123d4b7af6008a2c422334
SSDEEP

192:U5RGGvX/qRBggZQGKSFaSsGar8ERkgQePtcjYPgvyp+3a15K0+8m4hND3koxYc:UnX/KmSFanY9rLaWa15rxm49

Score

N/A

Malware Config

Signatures

Files

facb8774f0de517ea580e2b04c6d62ea8ac919f120fd9cc7ae81dbfa68557c4c
.exe windows x86

bf8c151593655cae1ae89c0cf4655f48

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA

msvcrt

memset

user32

LoadBitmapW

advapi32

RegOpenKeyExW

shlwapi

UrlUnescapeA
wvnsprintfW
wnsprintfW
AssocQueryStringByKeyA
AssocQueryStringByKeyW
ChrCmpIA
ColorAdjustLuma
ColorHLSToRGB
ColorRGBToHLS
HashData
PathAddBackslashW
PathAddExtensionW
PathAppendA
PathBuildRootA
PathBuildRootW
PathCanonicalizeA
PathCombineA
PathCommonPrefixA
PathCommonPrefixW
PathCompactPathW
PathCreateFromUrlW
PathFindFileNameA
PathFindFileNameW
PathFindOnPathA
PathFindSuffixArrayW
PathGetCharTypeW
PathIsContentTypeA
PathIsDirectoryEmptyW
PathIsFileSpecA
PathIsLFNFileSpecW
PathIsNetworkPathW
PathIsPrefixA
PathIsRelativeW
PathIsSameRootA
PathIsSystemFolderW
PathMakePrettyA
PathMakePrettyW
PathMakeSystemFolderW
PathRemoveBackslashW
PathStripPathA
PathUndecorateA
PathUndecorateW
PathUnmakeSystemFolderA
SHCopyKeyW
SHDeleteEmptyKeyW
SHDeleteValueW
SHGetInverseCMAP
SHOpenRegStream2W
SHQueryValueExW
SHRegCloseUSKey
SHRegEnumUSKeyA
SHRegEnumUSValueW
SHRegGetPathW
SHRegGetUSValueA
SHRegOpenUSKeyA
SHRegQueryInfoUSKeyA
SHRegQueryInfoUSKeyW
SHRegQueryUSValueA
SHRegSetPathA
SHRegSetPathW
SHRegSetUSValueA
StrCSpnA
StrCSpnIW
StrCatBuffA
StrCatBuffW
StrCmpNIW
StrCpyNW
StrCpyW
StrDupA
StrDupW
StrFormatByteSizeW
StrFormatKBSizeW
StrFromTimeIntervalA
StrIsIntlEqualW
StrPBrkW
StrRChrA
StrRChrIA
StrStrA
StrToIntExA
StrTrimW
UrlApplySchemeA
UrlCanonicalizeW
UrlIsNoHistoryA
UrlIsOpaqueW

version

VerQueryValueW
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerFindFileA
VerFindFileW
VerInstallFileA
VerInstallFileW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf8c151593655cae1ae89c0cf4655f48

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

shlwapi

version

Sections

.text Size: 4KB - Virtual size: 4KB

.text1 Size: 1024B - Virtual size: 800B

.text2 Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 136B

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 4KB - Virtual size: 4KB

.text1
Size: 1024B - Virtual size: 800B

.text2
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 136B

.rsrc
Size: 2KB - Virtual size: 1KB