9fe3d33cc8140861f171f785fe489c6ef42cdd2c3951b5da0e71ad72d88d0bcc

Sharing

Copy URL Twitter E-mail

General

Target

9fe3d33cc8140861f171f785fe489c6ef42cdd2c3951b5da0e71ad72d88d0bcc
Size

248KB
MD5

8bbbc0bead5ff4e0e3364203e28a668f
SHA1

dda5472ddca1ba7f29495a7665521c79bac2528a
SHA256

9fe3d33cc8140861f171f785fe489c6ef42cdd2c3951b5da0e71ad72d88d0bcc
SHA512

b805bf5dd366c73f41ba59ae6a38c06b05d5dae48e7e4254a932e537047751a13c73a447b82184aa65cbd94f8704da7afad317d487d8051e7f828bddc347a699
SSDEEP

6144:yCdwv1ARl68227oa+DB31T7gyJ8ZYInWQAA:yCm1AFUbDcnYIH

Score

N/A

Malware Config

Signatures

Files

9fe3d33cc8140861f171f785fe489c6ef42cdd2c3951b5da0e71ad72d88d0bcc
.exe windows x86

3ec0359f62c71c5c97b7dce614dd35cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomA
GetComputerNameW
DeleteTimerQueueTimer
VirtualQueryEx
WaitForMultipleObjects
DeleteCriticalSection
MapViewOfFileEx
GetStartupInfoW
ReleaseSemaphore
GetTickCount
GetFileSize
lstrcmpiW
GetVolumeInformationW
GetFileAttributesA
GetDateFormatA
LoadResource
GetStringTypeExW
GlobalFlags
InterlockedCompareExchange
GetTimeFormatA
GetUserDefaultLangID
ExpandEnvironmentStringsA
SetPriorityClass
SearchPathW
CreateDirectoryW
GetSystemDirectoryW
GetEnvironmentVariableW
GlobalDeleteAtom
OutputDebugStringA
CreateThread
LoadLibraryExA
CloseHandle
lstrcmpiA
GlobalMemoryStatus
TransactNamedPipe
SetEnvironmentVariableW
EnumSystemLocalesA
_llseek
HeapSetInformation
TlsAlloc
VirtualProtect
SetConsoleCtrlHandler
GetOverlappedResult
SetNamedPipeHandleState
IsValidCodePage
FindNextFileW
GetLocalTime
CreateSemaphoreW
GetTempFileNameA
ExitProcess
CreateProcessW
GetDateFormatW
GetModuleHandleA
lstrcpynA
GetShortPathNameW
ResumeThread
GetCurrentProcessId
SetFileAttributesA
GetFileTime
CreateIoCompletionPort
LockFile
HeapAlloc
MapViewOfFile
IsBadReadPtr
QueryPerformanceCounter
OpenEventA
Process32FirstW
LoadLibraryA
GetCurrentDirectoryW
GetLogicalDriveStringsA
GlobalUnlock
OpenFile
_lopen
GetThreadPriority
DeleteFileW
GetTempFileNameW
WaitForSingleObject
GetVolumeInformationA
ExpandEnvironmentStringsW
lstrlenA
VirtualAlloc
QueueUserWorkItem
GetStartupInfoA

shlwapi

StrCatBuffA
PathRemoveBackslashW
PathCanonicalizeW

shell32

SHGetSpecialFolderLocation

version

GetFileVersionInfoSizeW

advapi32

GetUserNameW
SetFileSecurityA
CheckTokenMembership
GetUserNameA
RegEnumValueA

user32

CopyAcceleratorTableA
DeferWindowPos
SetMenuItemInfoW
SetWindowLongA
GetPropW
FindWindowExA
GetClassNameW
ModifyMenuW
GetMessageW
FrameRect
DialogBoxParamA
CharLowerA
DestroyMenu
TranslateMessage
LoadCursorW
LoadStringA
SetWindowLongW
GetClassInfoExW
SetClipboardData
DrawIconEx
GetClipboardFormatNameA
RegisterClassExW
CheckDlgButton
EndPaint
GetLastActivePopup

winspool.drv

DeletePrinterDriverA
EnumPrintersA
ClosePrinter
DeletePrinter

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_purecall
_wtol
wcsncpy
_splitpath
_wcsupr
qsort
rand
strchr
_itow
strrchr
strstr
wcstol
iswdigit
fread
wcslen
_vsnprintf
bsearch
_exit
time
isdigit
longjmp
_mbsrchr
_expand
wcscpy
_wcsdup
ctime
isspace
_errno
_msize
atol
setlocale
_strnicmp
calloc
ceil
memmove
_snwprintf
realloc
free
towlower
_wtoi64
wcscspn
localtime
_itoa

Sections

.text
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

uekykwu
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

guyywu
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

owoeac
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ec0359f62c71c5c97b7dce614dd35cb

Headers

File Characteristics

Imports

kernel32

shlwapi

shell32

version

advapi32

user32

winspool.drv

msvcrt

Sections

.text Size: 192KB - Virtual size: 190KB

uekykwu Size: 24KB - Virtual size: 22KB

guyywu Size: 16KB - Virtual size: 12KB

owoeac Size: 12KB - Virtual size: 9KB

.text
Size: 192KB - Virtual size: 190KB

uekykwu
Size: 24KB - Virtual size: 22KB

guyywu
Size: 16KB - Virtual size: 12KB

owoeac
Size: 12KB - Virtual size: 9KB