9d7c78920b9c61d266af1c775c0dc219a4f017b168d16e87fac7dd1f0d832e4f

Sharing

Copy URL Twitter E-mail

General

Target

9d7c78920b9c61d266af1c775c0dc219a4f017b168d16e87fac7dd1f0d832e4f
Size

80KB
MD5

7bb2e08b711c5f0b79887ed6e0aafe64
SHA1

ecbfe9ad980bce05c4b1ff623041f5fe65ff7989
SHA256

9d7c78920b9c61d266af1c775c0dc219a4f017b168d16e87fac7dd1f0d832e4f
SHA512

72e5d1fac9f51862c052d706ebac7811aac3eedecd279f0d72cc44a99a0f3dca6af7150b3ff41ccc8ec946b0474973f2bd22376e7b78c2a1e5aa55b8e79fae7c
SSDEEP

1536:zgzn1JU85xSMkus6Aa9ArG9OXzVbaPTUV9aXFL4jQnIWgGD+Q5x+x1aM7:zsn1W85UMkusrfNXJkTW9aXFL0QWKsTD

Score

N/A

Malware Config

Signatures

Files

9d7c78920b9c61d266af1c775c0dc219a4f017b168d16e87fac7dd1f0d832e4f
.exe windows x86

94ff0b10f6f7047589f37749359238a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetScrollBarInfo
DdeReconnect
SetMenuContextHelpId
ChangeDisplaySettingsExA
DispatchMessageA
SetDlgItemTextW
GetClipboardOwner
WINNLSEnableIME
SetMenuItemInfoW
MessageBoxIndirectA
GrayStringA
OpenDesktopW
ReleaseDC
MessageBoxW
TrackPopupMenuEx
UnregisterDeviceNotification
GetKeyboardLayoutNameW
SetThreadDesktop
SetProcessDefaultLayout
CharPrevExA
LoadStringA
SetActiveWindow
BeginPaint
OpenClipboard
CharNextA
CloseDesktop
BeginDeferWindowPos
SendMessageW
UnhookWindowsHook
CallMsgFilterA
GetClassInfoW
GetMessageA
GetKeyboardLayoutNameA
SetCursorPos
DrawTextA
SystemParametersInfoW
LoadKeyboardLayoutW
GetLastActivePopup
IsCharLowerA
DlgDirSelectComboBoxExA
GetDoubleClickTime
EndDialog
SetClassWord
DdeImpersonateClient
GetUpdateRgn
CharNextW
GetDialogBaseUnits
SetUserObjectSecurity
CharLowerW
GetUpdateRect
SetWindowTextA
SetSysColors
CallWindowProcA
GetWindowTextA
SetDlgItemTextA
SetWindowLongA
CharLowerBuffW
DefDlgProcW
FindWindowW
GetCapture
EnumPropsA
CharUpperW

shlwapi

PathAppendA
StrFormatByteSizeW
PathMakeSystemFolderW
StrCpyNW
PathIsRelativeW
SHRegGetBoolUSValueA
PathFileExistsW
StrIsIntlEqualW
StrToIntExW
PathParseIconLocationW
StrChrA
PathRemoveExtensionW
PathParseIconLocationA
UrlHashW
PathIsDirectoryA
PathQuoteSpacesW
PathAddBackslashA
UrlUnescapeA
SHDeleteValueA
StrStrIA
StrCSpnIW
PathIsUNCA
SHQueryInfoKeyA
SHCopyKeyW
PathGetCharTypeA
UrlCompareA
UrlEscapeW
PathCanonicalizeW
wvnsprintfW
PathSetDlgItemPathW
PathIsRelativeA
UrlIsNoHistoryW
StrCmpNA
StrToIntA
StrChrIA
PathRemoveArgsW
UrlCanonicalizeW
PathIsPrefixA
AssocQueryStringW
PathRemoveBackslashW
UrlCombineA
PathFindSuffixArrayA
SHSkipJunction
StrFormatKBSizeW
StrRStrIA
PathGetDriveNumberA
UrlApplySchemeW
PathIsNetworkPathW
UrlEscapeA
StrSpnA
SHEnumKeyExW
PathIsDirectoryEmptyA
PathRemoveFileSpecA
PathSearchAndQualifyW
SHQueryValueExA
StrRetToBufW
PathCombineW
StrCSpnIA
PathIsFileSpecW
SHGetThreadRef
PathCreateFromUrlW
SHRegEnumUSValueW
SHDeleteKeyA
SHQueryInfoKeyW

ole32

OleIsRunning
OleSetAutoConvert
EnableHookObject
UtConvertDvtd16toDvtd32
CoInitializeSecurity
ReadOleStg
FreePropVariantArray
StgGetIFillLockBytesOnFile
StgOpenStorage
CoFreeAllLibraries
CoUnmarshalInterface
RegisterDragDrop
OleDuplicateData
CoRegisterMallocSpy
CoIsHandlerConnected
OleCreateFromFile
OleDoAutoConvert
SetConvertStg
OleMetafilePictFromIconAndLabel
OleCreateLinkFromData
WriteClassStm
OleSetContainedObject
CoSetProxyBlanket
OleGetAutoConvert
OleCreateMenuDescriptor
CoGetInterfaceAndReleaseStream
OleConvertIStorageToOLESTREAM
WriteFmtUserTypeStg
CoCopyProxy
CoGetInstanceFromFile
OleLockRunning
CoDisconnectObject
GetClassFile
ReadStringStream
OleUninitialize
CoFileTimeToDosDateTime
CoRegisterPSClsid
CoCreateFreeThreadedMarshaler
ReadClassStm
CoReleaseMarshalData
OleConvertOLESTREAMToIStorage
CreateAntiMoniker
CoRegisterClassObject
GetDocumentBitStg
CreateStreamOnHGlobal
WriteClassStg
CoQueryReleaseObject
CoUninitialize
CreatePointerMoniker
StgSetTimes
StgOpenStorageEx
CoMarshalHresult
OleCreateLinkToFile
CLSIDFromProgID
CoGetInstanceFromIStorage
CreateItemMoniker
CoCreateInstance
CoCreateInstanceEx

kernel32

SetFileApisToOEM
FreeConsole
EnumDateFormatsExA
ReadConsoleOutputAttribute
SetCommTimeouts
WideCharToMultiByte
DebugBreak
IsBadWritePtr
EnumSystemCodePagesA
GetDefaultCommConfigA
EnumResourceTypesA
GetPrivateProfileSectionA
CreateSemaphoreW
GetSystemDefaultLCID
GetVolumeInformationA
WritePrivateProfileStringA
GlobalGetAtomNameA
GlobalFindAtomA
HeapFree
GetPrivateProfileSectionNamesW
VirtualUnlock
LocalUnlock
VirtualFreeEx
CopyFileExA
Module32First
GetPrivateProfileStringA
PeekConsoleInputA
GetCurrentDirectoryA
GetDriveTypeA
SetThreadExecutionState
SetSystemTime
WinExec
CreateProcessA
SetErrorMode
EnumCalendarInfoExW
VirtualAlloc
GetDiskFreeSpaceExW
FindResourceExW
GetCommTimeouts
TerminateProcess
GetStringTypeExA
GetLargestConsoleWindowSize
SetTimeZoneInformation
IsSystemResumeAutomatic
DeleteFileA
FileTimeToSystemTime
LoadResource
GetProcAddress
GetNamedPipeHandleStateA
ReadConsoleA
WriteConsoleOutputW
lstrcpyA
GetProfileStringW
SetTapeParameters
GetProcessWorkingSetSize
FindResourceExA
VirtualQuery
GetModuleFileNameA
ExitProcess
ReadConsoleInputA
WriteConsoleOutputCharacterA
GetTempPathW
GetSystemDefaultLangID
GetSystemTimeAdjustment
LocalReAlloc
EnumDateFormatsExW
GetThreadPriority
WriteProfileSectionA
SetLocaleInfoW
CreateMailslotA
SetConsoleTextAttribute
OpenFileMappingA
VirtualProtect
CreateFileW

advapi32

RegDeleteValueA
CreatePrivateObjectSecurity
GetTrusteeTypeW
QueryServiceConfigA
GetServiceDisplayNameA
CryptAcquireContextA
MapGenericMask
NotifyBootConfigStatus
OpenServiceA
AddAce
RegUnLoadKeyA
CryptEnumProviderTypesA
RegOpenKeyW
InitializeSecurityDescriptor
SetSecurityInfoExA
ObjectCloseAuditAlarmA
RegRestoreKeyA
GetServiceKeyNameW
ConvertAccessToSecurityDescriptorW
LookupAccountSidA
RegQueryMultipleValuesA
RegOpenKeyExW
GetFileSecurityW
AreAllAccessesGranted
ImpersonateSelf
RegSetValueExW
RegConnectRegistryW
AreAnyAccessesGranted
CryptSetProviderW
MakeAbsoluteSD
GetMultipleTrusteeW
GetServiceDisplayNameW
GetFileSecurityA
GetSidSubAuthority
RegQueryInfoKeyW
DeregisterEventSource
RegEnumKeyExW
BuildImpersonateTrusteeW
StartServiceCtrlDispatcherW
CryptEnumProvidersW
CryptCreateHash
OpenBackupEventLogA
CryptEnumProvidersA
GetSecurityInfoExA
ReadEventLogW
CryptVerifySignatureA
GetExplicitEntriesFromAclW
InitiateSystemShutdownW
ConvertSecurityDescriptorToAccessA
RegEnumKeyW
RegEnumValueW
RegOpenKeyA
GetAccessPermissionsForObjectA
CryptSetProvParam

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

94ff0b10f6f7047589f37749359238a7

Headers

DLL Characteristics

File Characteristics

Imports

user32

shlwapi

ole32

kernel32

advapi32

Sections

.text Size: 69KB - Virtual size: 69KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 20KB

.text
Size: 69KB - Virtual size: 69KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 20KB