9999195954d649dc7ab77d36713a093b9a15fd598ba53aa3246469365bcde9d3

Sharing

Copy URL Twitter E-mail

General

Target

9999195954d649dc7ab77d36713a093b9a15fd598ba53aa3246469365bcde9d3
Size

242KB
MD5

742339812da4438b7cec38abee83a037
SHA1

c4b8f531bb6fb0e7c8cce51af5e3888316e09196
SHA256

9999195954d649dc7ab77d36713a093b9a15fd598ba53aa3246469365bcde9d3
SHA512

4d787a8b0167e3959f6cda488682a218ccc757f271bfb800410049b331dd381f7ee4fbcca25f1f90634a0803ad77fb088b265df5aad187bb1d487b850e99a8f3
SSDEEP

6144:kDfrALhMRBrMk8t9SUD8TU2gKmy3nSWYa6tXb:iKMjrlXU4hb3nSWh65b

Score

N/A

Malware Config

Signatures

Files

9999195954d649dc7ab77d36713a093b9a15fd598ba53aa3246469365bcde9d3
.exe windows x86

2da3930f67256d8df8da9084ed39bebb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpandEnvironmentStringsW
EnterCriticalSection
LocalAlloc
SizeofResource
WaitForSingleObject
LockResource
FreeLibrary
WaitForMultipleObjects
IsDebuggerPresent
GetCurrentThreadId
GetGeoInfoW
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
SystemTimeToTzSpecificLocalTime
DisableThreadLibraryCalls
LocalFree
OpenProcess
CreateFileW
lstrlenW
UnhandledExceptionFilter
SystemTimeToFileTime
GetUserDefaultUILanguage
TzSpecificLocalTimeToSystemTime
LoadLibraryExW
GetSystemTime
FindResourceW
FindResourceExW
LeaveCriticalSection
WideCharToMultiByte
GetLocalTime
CompareFileTime
HeapDestroy
HeapSize
GetUserGeoID
GetNumberFormatW
CreateProcessW
DeleteCriticalSection
HeapReAlloc
ProcessIdToSessionId
LoadResource
GetQueuedCompletionStatus
SetUnhandledExceptionFilter
FileTimeToSystemTime
GetProcessHeap
GlobalFree
RaiseException
CloseHandle
GetFileAttributesExW
PostQueuedCompletionStatus
CreateIoCompletionPort
GetStartupInfoA
VirtualAllocEx

ole32

StringFromCLSID
CoTaskMemFree
CoCreateInstance
IIDFromString

oleaut32

VariantInit
VariantCopyInd
VariantClear
UnRegisterTypeLi
LoadTypeLi
RegisterTypeLi

psapi

GetModuleBaseNameW

user32

PostMessageW
GetSystemMetrics
EnumWindows
GetActiveWindow
DestroyIcon
GetWindowThreadProcessId
LoadIconW
GetDesktopWindow
AllowSetForegroundWindow

crypt32

CryptProtectData
CryptUnprotectData
CertFreeCertificateContext
CertNameToStrW

rpcrt4

UuidFromStringW

mscms

CreateColorTransformA
IsColorProfileTagPresent
InternalGetPS2ColorRenderingDictionary
CheckColors
GetPS2ColorRenderingIntent
InternalGetPS2CSAFromLCS
SetColorProfileElementSize
ConvertColorNameToIndex

sti

DllCanUnloadNow
DllUnregisterServer
StiCreateInstance
DllGetClassObject
GetProxyDllInfo
StiCreateInstanceW
DllRegisterServer

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MZwuwI
Size: 1KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.KcPaf
Size: 1KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Pn
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 213KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2da3930f67256d8df8da9084ed39bebb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

oleaut32

psapi

user32

crypt32

rpcrt4

mscms

sti

Sections

.text Size: 18KB - Virtual size: 17KB

.MZwuwI Size: 1KB - Virtual size: 19KB

.rdata Size: 3KB - Virtual size: 2KB

.KcPaf Size: 1KB - Virtual size: 6KB

.Pn Size: 2KB - Virtual size: 4KB

.data Size: 213KB - Virtual size: 285KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 18KB - Virtual size: 17KB

.MZwuwI
Size: 1KB - Virtual size: 19KB

.rdata
Size: 3KB - Virtual size: 2KB

.KcPaf
Size: 1KB - Virtual size: 6KB

.Pn
Size: 2KB - Virtual size: 4KB

.data
Size: 213KB - Virtual size: 285KB

.rsrc
Size: 4KB - Virtual size: 4KB