09b44f36083a0e5707ffadaf476d77ddcf3a10d82717850313ce75ddfdd1ce07

Sharing

Copy URL

Twitter E-mail

General

Target

09b44f36083a0e5707ffadaf476d77ddcf3a10d82717850313ce75ddfdd1ce07
Size

1.0MB
MD5

7e7c75d86aa29662c336f08df1aacf6e
SHA1

005e32b2b6699a50edd3798adddd09aaf2e96cff
SHA256

09b44f36083a0e5707ffadaf476d77ddcf3a10d82717850313ce75ddfdd1ce07
SHA512

c7a64f0951d275cf168e681c485db6ed74483c726170b48cc666c83cb6624956a801345766e79aa4fcd5944e0753d5d689f985f9461f38037487a5ea2222bf6b
SSDEEP

24576:1Wn3qh9RMGGNleS5qEs0CBwmYlJ3YWq/Qx3kUvtBrFwgXwNSz:1Wn3qh+T55X/A/Qx3PHFNXYSz

Score

N/A

Malware Config

Signatures

Files

09b44f36083a0e5707ffadaf476d77ddcf3a10d82717850313ce75ddfdd1ce07
.exe windows x86

af373ed27120efd168e6fb9dfb7d3761

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
InitializeCriticalSectionEx
DeleteCriticalSection
GetProcAddress
LoadLibraryA
GetPrivateProfileStringW
MultiByteToWideChar
CreateDirectoryW
CreateFileW
GetFileSize
GetVolumeInformationW
ReadFile
WriteFile
OutputDebugStringA
OutputDebugStringW
CloseHandle
WaitForSingleObject
CreateMutexW
GetCurrentProcess
GetCurrentProcessId
CreateThread
TerminateThread
GetSystemDirectoryW
VirtualQuery
FindResourceExW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
LoadResource
LockResource
SizeofResource
FindResourceW
CopyFileW
Sleep
GetExitCodeThread
WideCharToMultiByte
DeleteFileW
SetEndOfFile
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
GetTickCount
GetLastError
TerminateProcess
FlushFileBuffers
QueryPerformanceCounter
MapViewOfFile
CreateFileMappingW
FormatMessageA
GetSystemTime
GetSystemTimeAsFileTime
FreeLibrary
SystemTimeToFileTime
LockFileEx
LocalFree
UnlockFile
HeapCompact
LoadLibraryW
GetSystemInfo
DeleteFileA
WaitForSingleObjectEx
CreateFileA
FlushViewOfFile
GetFileAttributesExW
GetFileAttributesA
GetDiskFreeSpaceA
FormatMessageW
GetTempPathA
HeapValidate
UnmapViewOfFile
GetFileAttributesW
GetTempPathW
UnlockFileEx
GetFullPathNameA
LockFile
GetDiskFreeSpaceW
GetFullPathNameW
HeapCreate
AreFileApisANSI
InitializeCriticalSection
TryEnterCriticalSection
GetCurrentThreadId
CreateTimerQueue
UnregisterWaitEx
QueryDepthSList
InterlockedPopEntrySList
ReleaseSemaphore
DuplicateHandle
RaiseException
DecodePointer
VirtualFree
VirtualAlloc
GetVersionExW
GetModuleHandleA
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SignalObjectAndWait
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
VirtualProtect
LoadLibraryExA
GetStringTypeW
EncodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
IsDebuggerPresent
QueryPerformanceFrequency
GetCurrentThread
GetThreadTimes
SetEvent
ResetEvent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
GetStartupInfoW
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
LoadLibraryExW
ExitProcess
GetModuleHandleExW
ExitThread
FreeLibraryAndExitThread
GetTimeZoneInformation
GetStdHandle
GetFileType
GetFileSizeEx
SetFilePointerEx
GetConsoleCP
GetConsoleMode
ReadConsoleW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW

user32

wsprintfA
MessageBoxW
GetDesktopWindow

advapi32

RegCloseKey
RegOpenKeyExW

shell32

SHGetSpecialFolderPathW

shlwapi

PathFileExistsW

winhttp

WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpQueryAuthSchemes
WinHttpSetCredentials
WinHttpSendRequest
WinHttpAddRequestHeaders
WinHttpReadData
WinHttpSetOption
WinHttpWriteData
WinHttpConnect
WinHttpSetStatusCallback
WinHttpCloseHandle
WinHttpOpen
WinHttpCrackUrl
WinHttpOpenRequest

quartz

AMGetErrorTextW

Sections

.text
Size: 838KB - Virtual size: 838KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 186KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

af373ed27120efd168e6fb9dfb7d3761

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

shlwapi

winhttp

quartz

Sections

.text Size: 838KB - Virtual size: 838KB

.rdata Size: 186KB - Virtual size: 185KB

.data Size: 22KB - Virtual size: 33KB

.text
Size: 838KB - Virtual size: 838KB

.rdata
Size: 186KB - Virtual size: 185KB

.data
Size: 22KB - Virtual size: 33KB