bbfa20f92c120b5248e7121e1803dc063a27f042a37e41c1fdd58fdec0383b3f

Sharing

Copy URL Twitter E-mail

General

Target

bbfa20f92c120b5248e7121e1803dc063a27f042a37e41c1fdd58fdec0383b3f
Size

15KB
MD5

31af89fb23babfed2b97e9174c7b7bb9
SHA1

5fcbeb7ea45c58c8fa85f068a9c7382df943ed63
SHA256

bbfa20f92c120b5248e7121e1803dc063a27f042a37e41c1fdd58fdec0383b3f
SHA512

9e6482338d597acb76b68977f2c91bccc95af12f11eda269dadd9db38b9cf8b5a05382f5bfc1d7df67406b695ec55d0b42bb963ca8d005591fd6cb14707f4583
SSDEEP

192:UQFS1WmdaUsDj45SuqIMl/i3s/xAoSTijRByOlOtkuiSZ3Td4IBbd/ZYaX8Xka:BOWcYAA1NrjSOgBiKRxYaak

Score

N/A

Malware Config

Signatures

Files

bbfa20f92c120b5248e7121e1803dc063a27f042a37e41c1fdd58fdec0383b3f
.exe windows x86

d87b6c50bf7124a8f0967cff050f4d80

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ReadFileEx
CreateMailslotA
ReleaseMutex
FileTimeToLocalFileTime
GetEnvironmentVariableA
GetLastError
CreateMutexA
ReadFile
WaitNamedPipeA
GetFileTime
SetFilePointer
CreateFileA
OpenProcess
CloseHandle
OpenMutexA
ConnectNamedPipe
DosDateTimeToFileTime
GetCurrentThreadId
VirtualAllocEx

user32

TranslateMessage
GetMessageA
CheckDlgButton
DestroyWindow
HideCaret
GetDlgCtrlID
LoadAcceleratorsA
CreateWindowExA
OpenClipboard
SendMessageA
CheckMenuItem
CallWindowProcA
RegisterClassExA
LoadCursorA
SetWindowPos
CharNextA
MapWindowPoints
BeginPaint
GetMenu
OffsetRect
ShowWindow
GetWindowTextA
GetWindowLongA
DispatchMessageA
DefWindowProcA
DialogBoxParamA
UpdateWindow

shell32

ILFindLastID
SHCreateLocalServerRunDll
SHLoadInProc
SHGetRealIDL
SHRestricted
OpenRegStream
SHShellFolderView_Message
PathResolve
PifMgr_CloseProperties
Shell_MergeMenus
Shell_GetImageLists
SHFindFiles
DriveType
OpenAs_RunDLL
SHUpdateImageA
SHUpdateRecycleBinIcon
SHGetFolderLocation
Shell_NotifyIcon
DllRegisterServer
ILGetNext
SHIsFileAvailableOffline
ILCreateFromPathA
SHGetPathFromIDListA
SHHelpShortcuts_RunDLLA
SHBindToParent
ShellAboutA
SHSetInstanceExplorer
SHCreateShellItem
SHAlloc
SHILCreateFromPath
SHSimpleIDListFromPath
SHFlushSFCache
ExtractAssociatedIconExA
ILGetSize
PifMgr_OpenProperties
SHCreateDirectory
SheSetCurDrive
SHFileOperation
ILCloneFirst
PathMakeUniqueName
RealShellExecuteA
SHGetFolderPathAndSubDirA
ShellExecuteA
SHCreateShellFolderView
SHGetDataFromIDListA
SHGetFileInfo
ShellHookProc
RegenerateUserEnvironment

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 30B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d87b6c50bf7124a8f0967cff050f4d80

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 30B

.rsrc Size: 5KB - Virtual size: 16KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 30B

.rsrc
Size: 5KB - Virtual size: 16KB