d9ab6c3e8220231066bdf4a59d5f1c8047a06c93c8419c3b7077f6db868337f3

Sharing

Copy URL Twitter E-mail

General

Target

d9ab6c3e8220231066bdf4a59d5f1c8047a06c93c8419c3b7077f6db868337f3
Size

1.1MB
MD5

413b3e96a87dc8df9ed9ac3cd18cd7d8
SHA1

aac82c105393bcafc52589e623c98319d6c35206
SHA256

d9ab6c3e8220231066bdf4a59d5f1c8047a06c93c8419c3b7077f6db868337f3
SHA512

26d11073fd1f77152220953a67e9216fdefb1a1e9793ac110e069756ca2e7659bec84a95b3ba3c2c89dba3fb7818478272368659e1a71f3f5615f5cb317d0372
SSDEEP

24576:i4u32AKMkavYe3UdU99U/NLjdmhNl3Uwi7aga79ZCxSOq/qpGDeNb:5W2AKMkaNk+9oRMXiKC0qpnb

Score

N/A

Malware Config

Signatures

Files

d9ab6c3e8220231066bdf4a59d5f1c8047a06c93c8419c3b7077f6db868337f3
.exe windows x86

b0b239ae6067a8891401bbdf9b4d4a7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32 kernel32

DeleteCriticalSection ��

kernel32

DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
GetVersion
GetCurrentThreadId
WideCharToMultiByte
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetFileType
CreateFileA
CloseHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
WriteFile
WinExec
VirtualQuery
TerminateProcess
SizeofResource
SetFileAttributesA
OpenProcess
LockResource
LoadResource
GetVersionExA
GetThreadLocale
GetSystemDirectoryA
GetStringTypeExA
GetStdHandle
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetDiskFreeSpaceA
GetCurrentThreadId
GetCurrentProcess
GetCPInfo
GetACP
FindResourceA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FileTimeToDosDateTime
EnumCalendarInfoA
DeleteFileA
CreateProcessA
CreateFileA
CopyFileA
CloseHandle
Sleep

user32

GetKeyboardType
LoadStringA
MessageBoxA
CharNextA
ShowWindow
PostThreadMessageA
PostMessageA
MessageBoxA
LoadStringA
GetSystemMetrics
GetMessageA
GetInputState
FindWindowExA
FindWindowA
CharNextA
CharToOemA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey
OpenProcessToken

oleaut32

SysFreeString

iphlpapi

GetAdaptersInfo

shell32

SHGetFolderPathA

Sections

CODE
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 15KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 944KB - Virtual size: 944KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0b239ae6067a8891401bbdf9b4d4a7b

Headers

File Characteristics

Imports

kernel32 kernel32

kernel32

user32

advapi32

oleaut32

iphlpapi

shell32

Sections

CODE Size: 184KB - Virtual size: 184KB

SE Size: 15KB - Virtual size: 20KB

SE Size: 944KB - Virtual size: 944KB

SE Size: 512B - Virtual size: 4KB

SE Size: 4KB - Virtual size: 4KB

CODE
Size: 184KB - Virtual size: 184KB

SE
Size: 15KB - Virtual size: 20KB

SE
Size: 944KB - Virtual size: 944KB

SE
Size: 512B - Virtual size: 4KB

SE
Size: 4KB - Virtual size: 4KB