9a5c9c2e5139edba0a3db6d21580f1d57840624f071b6fcc6e8ffd89e4eda661

Sharing

Copy URL Twitter E-mail

General

Target

9a5c9c2e5139edba0a3db6d21580f1d57840624f071b6fcc6e8ffd89e4eda661
Size

730KB
MD5

6632368c3a0ddcc9ffa68f40f5b787f0
SHA1

f33e9a2390498bb3f28f8a0e9214886bd7a133e8
SHA256

9a5c9c2e5139edba0a3db6d21580f1d57840624f071b6fcc6e8ffd89e4eda661
SHA512

b5c31d040a13b7e2b20ee909b0c9bada9d937767cc4fd9f19e3d0aeff0fff9d6689efead0587a8f429cf421638c9c1f634151c132d744e07b6cbe4d71486d407
SSDEEP

6144:f92YxER7MQaadgLyy4KRiwRngzLqHd4VUyByAHel4jwXd7MwH0:f9bWR7MQaYmyy4KNBgzydZT2ga

Score

N/A

Malware Config

Signatures

Files

9a5c9c2e5139edba0a3db6d21580f1d57840624f071b6fcc6e8ffd89e4eda661
.exe windows x86

fed7469bbe26673078ebe466e8b0acd8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
strstr
sprintf
_stricmp
strcmp
tolower
wcslen
wcscpy
_wcsicmp
wcscmp
wcsstr
_wcsnicmp
wcsncmp
wcsncpy
_wcsdup
free
memmove
_isnan
memcpy
wcscat
strlen
strcpy
strcat
memcmp
_CIpow
_CIlog
localtime
mktime
gmtime
_itow
fabs
ceil
malloc
floor
fclose
_vsnwprintf
fmod
sin
cos
abs

kernel32

GetModuleHandleW
HeapCreate
lstrlenW
HeapDestroy
ExitProcess
GlobalSize
GlobalAlloc
Sleep
GlobalFree
OpenProcess
TerminateProcess
CloseHandle
GetLogicalDrives
GetVolumeInformationW
GetDriveTypeW
MultiByteToWideChar
SetErrorMode
GetDiskFreeSpaceExW
GetFileAttributesW
GlobalReAlloc
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
QueryPerformanceCounter
QueryPerformanceFrequency
HeapAlloc
HeapFree
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
CreateThread
GetModuleFileNameW
GetCurrentProcess
DuplicateHandle
CreatePipe
GetStdHandle
CreateProcessW
PeekNamedPipe
ReadFile
GetLastError
GetExitCodeProcess
GetCommandLineW
CreateFileW
SetFilePointer
SetEndOfFile
WriteFile
GetFileSize
WideCharToMultiByte
SetUnhandledExceptionFilter
RaiseException
FreeLibrary
LoadLibraryA
GetProcAddress
GetTickCount
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsGetValue
LoadLibraryW
CreateDirectoryW
SetFileAttributesW
FindFirstFileW
FindClose
DeleteFileW
CopyFileW
FindNextFileW
MoveFileW
HeapReAlloc
GetLocalTime
FlushFileBuffers
WriteConsoleW
GetVersionExW
DeleteCriticalSection
TlsFree
SetLastError
WaitForMultipleObjects
GetCurrentThread
CreateSemaphoreA
ReleaseSemaphore

user32

SendMessageW
FindWindowW
GetWindowThreadProcessId
EnumWindows
DestroyWindow
GetPropW
GetWindow
SetActiveWindow
RemovePropW
UnregisterClassW
DestroyAcceleratorTable
LoadIconW
LoadCursorW
DefWindowProcA
RegisterClassA
CreateWindowExA
RegisterWindowMessageA
CharLowerW
CharUpperW
DestroyIcon
FillRect
GetIconInfo
DrawIconEx

gdi32

DeleteObject
GetStockObject
GetObjectType
GetObjectW
CreateCompatibleDC
SelectObject
CreateSolidBrush
DeleteDC
BitBlt
GdiSetBatchLimit
GdiGetBatchLimit
CreateDIBSection
GetDIBits
CreateBitmap
SetPixel
GetTextExtentPoint32W
SetBkMode
SetTextAlign
SetBkColor
SetTextColor
TextOutW
SetStretchBltMode
SetBrushOrgEx
StretchBlt
GetPixel
CreateFontIndirectW
GetTextMetricsW
CreateCompatibleBitmap

advapi32

OpenSCManagerW
OpenServiceW
StartServiceW
CloseServiceHandle
RegisterServiceCtrlHandlerW
SetServiceStatus
StartServiceCtrlDispatcherW
DeleteService
QueryServiceStatus
ControlService
CreateServiceW
ChangeServiceConfig2W
CryptAcquireContextA
CryptReleaseContext
CryptGenRandom

comctl32

InitCommonControlsEx

oleaut32

SysAllocString

ole32

CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize
RevokeDragDrop

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteExW

wsock32

closesocket
WSACleanup
WSAStartup
connect
socket
inet_addr
gethostbyname
htons
bind
ioctlsocket
select
__WSAFDIsSet
send
sendto

winmm

timeBeginPeriod

Sections

.code
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 436KB - Virtual size: 469KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fed7469bbe26673078ebe466e8b0acd8

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

advapi32

comctl32

oleaut32

ole32

shell32

wsock32

winmm

Sections

.code Size: 174KB - Virtual size: 174KB

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 436KB - Virtual size: 469KB

.code
Size: 174KB - Virtual size: 174KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 436KB - Virtual size: 469KB