bf9732394c8838f20e95d8dc50220bc7[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

bf9732394c8838f20e95d8dc50220bc7.exe
Size

2.5MB
MD5

bf9732394c8838f20e95d8dc50220bc7
SHA1

8d740a5fea5d43224bad35727888d0965d87c61a
SHA256

b7d9f37e382bbb34858885e08b72ae41a73e484a9b30f8f0e16bd3f546daa018
SHA512

c5e14032594e004fce0f78b97bcf8d501503669e156f06f01a4450fc4ae72460b6b35142893828b307f10a76e0cb4543c1c3b6942606a017e6927fbd90a2d657
SSDEEP

49152:qT74fg0tjLmVWA+8/pGyxe3ZD6a8JHaK0kiy:474Y6j6P/pGyOCH/0ki

Score

1^/10

Malware Config

Signatures

Files

bf9732394c8838f20e95d8dc50220bc7.exe
.exe windows x86

ac2dad243f78a83a7e8d2e594338a3aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsA

avicap32

capCreateCaptureWindowA

ws2_32

closesocket
connect
recvfrom
WSACleanup
inet_addr
htons
freeaddrinfo
setsockopt
select
ioctlsocket
WSAGetLastError
shutdown
sendto
WSAStartup
getaddrinfo
socket
send
recv

winmm

waveInClose
waveInPrepareHeader
waveInStop
waveInStart
waveInAddBuffer
waveInUnprepareHeader
waveInOpen

urlmon

URLDownloadToFileW
URLDownloadToFileA

kernel32

IsValidCodePage
SetStdHandle
GetTimeZoneInformation
ReadConsoleW
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
CreateProcessW
GetExitCodeProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetCurrentThread
SetConsoleCtrlHandler
FreeLibraryAndExitThread
ResumeThread
ExitThread
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
Sleep
CreateThread
GlobalAlloc
GlobalUnlock
GlobalLock
OutputDebugStringA
TerminateThread
GetModuleHandleA
ReleaseMutex
WaitForSingleObject
CreateMutexA
ExitProcess
ReadFile
WriteFile
CreatePipe
PeekNamedPipe
TerminateProcess
CreateProcessA
GetSystemDirectoryA
FormatMessageA
CreateFileA
FindClose
FindFirstFileA
FindNextFileA
GetFileSize
CloseHandle
GetLogicalDriveStringsA
DeleteFileA
GetTempPathA
CreateDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
GetLastError
GetModuleFileNameA
GetComputerNameA
GetLocaleInfoA
FindFirstFileW
FindNextFileW
OpenProcess
GetModuleFileNameW
LoadLibraryExA
LoadLibraryW
LocalFree
lstrcatW
MultiByteToWideChar
WideCharToMultiByte
AreFileApisANSI
CreateFileMappingW
CreateFileW
CreateMutexW
DeleteFileW
FlushFileBuffers
FlushViewOfFile
FormatMessageW
GetCurrentProcessId
GetACP
GetDiskFreeSpaceW
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFullPathNameA
GetFullPathNameW
GetProcessHeap
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempPathW
GetTickCount
HeapAlloc
HeapCompact
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
HeapValidate
LockFile
LockFileEx
MapViewOfFile
OutputDebugStringW
QueryPerformanceCounter
SetEndOfFile
SetFilePointer
SystemTimeToFileTime
UnlockFile
UnlockFileEx
UnmapViewOfFile
WaitForSingleObjectEx
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
CopyFileA
SetEvent
CreateEventA
SetEnvironmentVariableW
VirtualProtect
VirtualFree
VirtualLock
VirtualUnlock
GetDriveTypeW
WriteConsoleW
GetModuleHandleExW
GetFileType
GetStdHandle
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
RaiseException
GetCurrentProcess
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetModuleHandleW
CreateEventW
ResetEvent
InitializeCriticalSectionAndSpinCount
GetLocaleInfoEx
GetStringTypeW
LCMapStringEx
GetCPInfo
CompareStringEx
DecodePointer
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
EncodePointer
InitializeCriticalSectionEx
CreateSymbolicLinkW
GetFileInformationByHandleEx
CreateHardLinkW
GetDiskFreeSpaceA
VirtualAlloc
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
FindFirstFileExW
GetDiskFreeSpaceExW
GetFileInformationByHandle
GetFinalPathNameByHandleW
SetFileAttributesW
SetFileInformationByHandle
SetFilePointerEx
SetFileTime
DeviceIoControl
CreateDirectoryExW
CopyFileW
MoveFileExW

user32

SetTimer
DestroyWindow
IsWindow
RegisterClassExA
PostQuitMessage
GetSystemMetrics
GetWindowThreadProcessId
GetForegroundWindow
SetProcessDPIAware
GetAsyncKeyState
SetWindowLongA
GetWindowLongA
GetWindowTextW
SetWindowTextW
SetWindowTextA
CreateWindowExA
RegisterClassA
CallWindowProcA
DefWindowProcA
SendMessageA
DispatchMessageA
TranslateMessage
GetMessageA
EmptyClipboard
GetClipboardData
SetClipboardData
LoadIconA
OpenClipboard
KillTimer
CloseClipboard

advapi32

GetUserNameW
SystemFunction036
RegGetValueA
RegOpenKeyExA

shell32

SHGetFolderPathW
SHGetFolderPathA
SHGetSpecialFolderPathA
SHFileOperationA

crypt32

CryptUnprotectData

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 220KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 509KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msvcjmc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 777B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 265B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac2dad243f78a83a7e8d2e594338a3aa

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

avicap32

ws2_32

winmm

urlmon

kernel32

user32

advapi32

shell32

crypt32

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.rdata Size: 220KB - Virtual size: 219KB

.data Size: 18KB - Virtual size: 509KB

.idata Size: 9KB - Virtual size: 8KB

.msvcjmc Size: 1KB - Virtual size: 1KB

.tls Size: 1024B - Virtual size: 777B

.00cfg Size: 512B - Virtual size: 265B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 54KB - Virtual size: 53KB

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 220KB - Virtual size: 219KB

.data
Size: 18KB - Virtual size: 509KB

.idata
Size: 9KB - Virtual size: 8KB

.msvcjmc
Size: 1KB - Virtual size: 1KB

.tls
Size: 1024B - Virtual size: 777B

.00cfg
Size: 512B - Virtual size: 265B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 54KB - Virtual size: 53KB