bfa5b0b831d0d1c56497891221ccac087aefdcb4b6a72917ba4fb109293a110a

Sharing

Copy URL Twitter E-mail

General

Target

bfa5b0b831d0d1c56497891221ccac087aefdcb4b6a72917ba4fb109293a110a
Size

179KB
MD5

b97c60175773f1d02bd67e04a6a24147
SHA1

c868cd2d9d864a6dbe8aaf8f0ea62bf450e9dfd7
SHA256

bfa5b0b831d0d1c56497891221ccac087aefdcb4b6a72917ba4fb109293a110a
SHA512

dd23f28f8271bee0c8ec8d32404f84ae3d42a3e144335615611aa52e835d6e1baa6939aa8920c994c3397b8c5b1bc991aabc5cf02b2ab460628699790e0c4009
SSDEEP

3072:NnqzYpV9OoY7j8LgNx7hKp48ZEOA2QbhB2+jU0hBwCLsRKst:pIo8PNRhKp41z2Gf8CsF

Score

N/A

Malware Config

Signatures

Files

bfa5b0b831d0d1c56497891221ccac087aefdcb4b6a72917ba4fb109293a110a
.exe windows x86

0bf6acde20a737e0dbae1ad229c1550f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
SetStdHandle
WriteConsoleA
VirtualFree
GetEnvironmentVariableW
lstrlenA
HeapSize
ReadFile
CloseHandle
DeleteCriticalSection
ReleaseMutex
GlobalLock
CreateFileMappingW
GetStartupInfoA
DisableThreadLibraryCalls
GetFileAttributesW
GetOEMCP
GetSystemInfo
FindClose
LeaveCriticalSection
GetTickCount
GetCurrentThreadId
CreateFileA
InterlockedExchange
CreateFileW
RtlUnwind
OutputDebugStringA
GetSystemTimeAsFileTime
GetACP
GetProcAddress
VirtualAlloc
TlsGetValue
FreeLibrary
MapViewOfFile
FindNextFileA
ExitProcess
lstrcmpW
GlobalDeleteAtom
GlobalUnlock
HeapFree
LocalAlloc
SetUnhandledExceptionFilter
GetTempFileNameA
GetProcessHeap
DeleteFileA
GetCurrentProcess
VirtualProtect
CreateEventW
EnterCriticalSection
GetCurrentProcessId
FormatMessageA
FileTimeToSystemTime
GetEnvironmentVariableA
GetFileSize
WaitForMultipleObjects
TlsSetValue
ResetEvent
InitializeCriticalSection
SetLastError
InterlockedCompareExchange
OpenProcess
SetConsoleCP
HeapAlloc
GetStdHandle
RaiseException
GetModuleHandleA
GlobalAlloc
GetFileType
MultiByteToWideChar
Sleep
CreateThread
CreateProcessA
TerminateProcess
GetConsoleOutputCP
GetEnvironmentStrings
GetCPInfo
SetFileAttributesW
lstrcmpiA
CompareStringW
CreateSemaphoreW
HeapDestroy
GetModuleFileNameA
GetDateFormatA
CreateMutexW

msvcrt

_wcsicmp
_stricmp
memset
strchr
_callnewh
_wtol
wcsncmp
fflush
?terminate@@YAXXZ
_initterm
__p__fmode
time
wcstol
__getmainargs
malloc
_amsg_exit
_XcptFilter
??2@YAPAXI@Z
iswspace
_unlock
??1type_info@@UAE@XZ
??3@YAXPAX@Z

advapi32

ReportEventW
GetTokenInformation
RevertToSelf
RegOpenKeyExW
CryptReleaseContext
RegQueryInfoKeyW
RegOpenKeyExA
InitializeSecurityDescriptor
RegCreateKeyExW
RegQueryValueExW
OpenSCManagerW

lz32

LZSeek
LZOpenFileA
LZOpenFileW

user32

IsDlgButtonChecked
PostMessageW
IsChild
SetActiveWindow
LoadStringW
EnumChildWindows
EndPaint
GetFocus
SetWindowTextW
CallWindowProcA
FindWindowW
ReleaseDC
SetFocus
PostQuitMessage
GetWindowLongW
SetWindowPos
CallWindowProcW
GetTopWindow
InvalidateRect
EnumThreadWindows
MessageBoxA
SetRect
LoadStringA
SetCapture

ole32

CoRegisterPSClsid
CoTaskMemRealloc
CoUninitialize
StringFromGUID2

gdi32

GetClipBox
CreateRectRgn
GetTextExtentPoint32W
GetDeviceCaps
ExcludeClipRect
StretchBlt
CreatePatternBrush
GetDIBits
SetWindowExtEx

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 148KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 258B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 629B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0bf6acde20a737e0dbae1ad229c1550f

Headers

File Characteristics

Imports

kernel32

msvcrt

advapi32

lz32

user32

ole32

gdi32

Sections

.text Size: 27KB - Virtual size: 27KB

.rdata Size: 148KB - Virtual size: 161KB

.idata Size: 512B - Virtual size: 258B

.idata Size: - Virtual size: 392B

.data Size: 512B - Virtual size: 1.0MB

.rsrc Size: 1024B - Virtual size: 629B

.text
Size: 27KB - Virtual size: 27KB

.rdata
Size: 148KB - Virtual size: 161KB

.idata
Size: 512B - Virtual size: 258B

.idata
Size: - Virtual size: 392B

.data
Size: 512B - Virtual size: 1.0MB

.rsrc
Size: 1024B - Virtual size: 629B