b01158dd9be205c6f717c3e0f68de231bd97a341458d88b108e1d9acaf44c8c9

Sharing

Copy URL Twitter E-mail

General

Target

b01158dd9be205c6f717c3e0f68de231bd97a341458d88b108e1d9acaf44c8c9
Size

90KB
MD5

5ac1a13c49b1dad809e813abf06fa435
SHA1

128244867b79ab22c4226e4f542e54aa93f33bbe
SHA256

b01158dd9be205c6f717c3e0f68de231bd97a341458d88b108e1d9acaf44c8c9
SHA512

a1d751ae8b6efe345f5cb1fed24de67df6fd3004ae28d87288d0eab40aa662f1da7b96842bc2294c301eaa67be3d9ff29fc02a3d354a8a35479dd0f068119a1f
SSDEEP

1536:IeAMCjWCUEffq3X7PY6LT7pUsjB14nvKGeRc3cmacAyjCfLFSoOuLgdsWV3SNcdh:IecjWCUEf87Y6LT7pzmKRRc3cmacA/fB

Score

N/A

Malware Config

Signatures

Files

b01158dd9be205c6f717c3e0f68de231bd97a341458d88b108e1d9acaf44c8c9
.exe windows x86

feb42915c690dbe7b783d51c84673cd3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
CreateDirectoryW
FindClose
FindFirstFileW
FindNextFileW
GetTempFileNameW
GetTempPathW
CloseHandle
WaitForSingleObject
Sleep
GetCurrentProcess
ExitProcess
GetExitCodeProcess
CreateProcessW
GetTickCount
GetSystemDirectoryW
VirtualAlloc
Wow64DisableWow64FsRedirection
Wow64RevertWow64FsRedirection
IsWow64Process
lstrcpyW
lstrcatW
lstrlenW
WideCharToMultiByte
GetConsoleWindow
WriteConsoleW
SetEndOfFile
HeapReAlloc
HeapSize
GetConsoleCP
FlushFileBuffers
CreateFileW
GetProcessHeap
LCMapStringW
CompareStringW
GetStringTypeW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
MultiByteToWideChar
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetFileType
SetFilePointerEx
ReadConsoleW
GetConsoleMode
HeapAlloc
HeapFree
GetCommandLineA
GetModuleHandleExW
GetModuleFileNameW
WriteFile
GetStdHandle
ReadFile
RaiseException
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DecodePointer
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
TerminateProcess
RtlUnwind
GetLastError
SetLastError

wsnmp32

ord502
ord301
ord906
ord600
ord202
ord602
ord503
ord601

ole32

CoInitialize
HBITMAP_UserMarshal
OleSetAutoConvert
StgCreateDocfile
OleCreateStaticFromData
HMETAFILE_UserMarshal
HGLOBAL_UserFree

ws2_32

htons
WSACreateEvent
WSAEnumNetworkEvents
WSACancelAsyncRequest
WSAGetServiceClassNameByClassIdW
inet_ntoa
WSAHtons
WSALookupServiceNextA
WEP

resutils

ResUtilStopResourceService
ResUtilVerifyPrivatePropertyList
ResUtilSetSzValue
ResUtilSetExpandSzValue
ResUtilGetPropertySize
ResUtilGetBinaryValue
ClusWorkerTerminate
ResUtilGetPrivateProperties
ResUtilIsPathValid
ResUtilVerifyService

pdh

PdhGetRawCounterArrayA
PdhOpenQueryA
PdhBrowseCountersA
PdhSetQueryTimeRange
PdhConnectMachineA
PdhCollectQueryData
PdhGetCounterInfoW
PdhAddCounterW
PdhVbGetDoubleCounterValue
PdhOpenQueryW

mapi32

ord62
ord78
ord194
ord76

user32

ShowWindow

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

feb42915c690dbe7b783d51c84673cd3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

wsnmp32

ole32

ws2_32

resutils

pdh

mapi32

user32

Sections

.text Size: 57KB - Virtual size: 56KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 2KB - Virtual size: 5KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 57KB - Virtual size: 56KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 2KB - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 4KB - Virtual size: 3KB