9a2fa36d2caacf24e5a694b1f41c026926c163250b5d8b35eea4fe9241d274c8

Sharing

Copy URL Twitter E-mail

General

Target

9a2fa36d2caacf24e5a694b1f41c026926c163250b5d8b35eea4fe9241d274c8
Size

172KB
MD5

47111c991cfa6aedace394e848385c10
SHA1

cdf8cb75b83aac1a0d4018bdfd2b89f1b278505c
SHA256

9a2fa36d2caacf24e5a694b1f41c026926c163250b5d8b35eea4fe9241d274c8
SHA512

543e800d53160d8e04dd4ed39e3ef07c1e3b77b3ff7d2bffebcdc45223d3dfec577d6c1096fff6a0a282f05c30660dd38deb8a44fa743126e006189513d77977
SSDEEP

3072:UTSik/uOiPFd34M+tld59zG6jO8+8EexK0Ui3SkrGUKtmT:UTSikGPv2d596M+840UerGU

Score

N/A

Malware Config

Signatures

Files

9a2fa36d2caacf24e5a694b1f41c026926c163250b5d8b35eea4fe9241d274c8
.exe windows x86

afa2d61c72048ae352978aea59d6ac60

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
GetStringTypeW
LCMapStringW
HeapSize
Sleep
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
InterlockedDecrement
GetCurrentThreadId
IsProcessorFeaturePresent
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
EncodePointer
GetModuleFileNameW
GetStdHandle
DecodePointer
GetModuleHandleW
GetProcAddress
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
CloseHandle
GlobalFree
ExitProcess
GlobalUnlock
MultiByteToWideChar
ReadFile
HeapCreate
LoadLibraryW
GlobalAlloc
WriteFile
GetProcessHeap
GetUserDefaultLCID
GlobalLock
HeapAlloc
lstrlenA
GetFileSize
CreateFileA
SetLastError
GetLastError
HeapFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess

user32

ClientToScreen
DestroyWindow
GetMessageA
GetClassNameA
GetSystemMenu
GetWindowRect
PostQuitMessage
SendDlgItemMessageA
TrackPopupMenu
GetWindowDC
SetCapture
GetSubMenu
GetMenuBarInfo
GetParent
LoadMenuA
LoadIconA
IsWindowEnabled
wsprintfA
GetClientRect
SendMessageA
PtInRect
CreateIconIndirect
GetIconInfo
GetDC
TranslateMessage
MessageBoxA
SetCursorPos
UnregisterClassA
GetWindowLongA
CreateWindowExA
ReleaseDC
SetClassLongA
GetMenuState
GetDlgItem
DefWindowProcA
GetDesktopWindow
GetSysColor
GetCursorPos
PostMessageA
DispatchMessageA
GetMenuInfo
ReleaseCapture
CloseWindow
DialogBoxIndirectParamA
DestroyMenu
LoadCursorA
GetDlgItemTextA
SetDlgItemTextA
GetWindowThreadProcessId
RegisterClassA
MoveWindow

gdi32

MoveToEx
DeleteDC
GetCurrentObject
SetBkColor
SetPixel
GetDCBrushColor
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
SetTextAlign
GetPixel
GetObjectA
GetStockObject
Rectangle

comdlg32

GetOpenFileNameA
GetSaveFileNameA

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

afa2d61c72048ae352978aea59d6ac60

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 132KB - Virtual size: 136KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 132KB - Virtual size: 136KB

.rsrc
Size: 1KB - Virtual size: 1KB