1a9d9af5d4889938944203b038dd3fbbbf55b0c916173db000392c2456e9b145

Sharing

Copy URL Twitter E-mail

General

Target

1a9d9af5d4889938944203b038dd3fbbbf55b0c916173db000392c2456e9b145
Size

206KB
MD5

510ef294305019bb63d5caedca3f7c0c
SHA1

cc75301fa31421924a35c70356e82b5be09129d5
SHA256

1a9d9af5d4889938944203b038dd3fbbbf55b0c916173db000392c2456e9b145
SHA512

8135da966aa95fe04f27d4ee1b97ad5223743bfbca7e1ecda2c690ae0bcb3a1284599586c6fec2182188f1a92671bb4f861a8e176c7a22c0a9bd76b61e9eef29
SSDEEP

6144:n+0JKz/akvPJ/93l0Wwla9r8Rfm7OMAfVWT7p6:+0JuCkvPX18RfAF6

Score

N/A

Malware Config

Signatures

Files

1a9d9af5d4889938944203b038dd3fbbbf55b0c916173db000392c2456e9b145
.exe windows x86

33a198265415f61459d3d915a8fb171f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PeekMessageW
ShowWindow
GetDlgItemInt
DestroyWindow
DefWindowProcW
LoadCursorW
SetCursor
IsWindowVisible
GetDlgItem
SendMessageW
SetDlgItemInt
MoveWindow
GetClientRect
GetDesktopWindow
CheckRadioButton
ClientToScreen
GetAsyncKeyState
CreateDialogParamW
TranslateMessage
LoadStringW
ReleaseDC
GetWindowRect
IsWindow
CheckDlgButton
EnableWindow
GetDC
InvalidateRect
IsRectEmpty
DispatchMessageW
SetWindowLongW
GetWindowLongW
SetDlgItemTextW

kernel32

lstrcpynW
MultiByteToWideChar
CreateEventW
CreateFileW
SetThreadPriority
CreateThread
GlobalFree
SetUnhandledExceptionFilter
InterlockedExchange
GetModuleFileNameA
EnterCriticalSection
VirtualFree
GlobalMemoryStatus
DeleteFileW
WideCharToMultiByte
GetQueuedCompletionStatus
GetACP
SetEndOfFile
GetTickCount
GetSystemDefaultLangID
GetFileAttributesW
GetDiskFreeSpaceW
GetProcAddress
GetFileSize
GetFullPathNameW
GetCurrentProcessId
HeapAlloc
InitializeCriticalSection
IsBadReadPtr
WaitForMultipleObjects
GetSystemTimeAsFileTime
HeapFree
GlobalAlloc
MulDiv
GetProfileIntA
CreateSemaphoreW
WaitForSingleObject
DeleteCriticalSection
GetVersionExW
FreeLibrary
lstrlenA
LoadLibraryW
LeaveCriticalSection
lstrcmpW
ReadFile
lstrcpyA
IsBadCodePtr
GlobalHandle
GlobalUnlock
SetEvent
GetTimeZoneInformation
GetPrivateProfileStringW
ReleaseSemaphore
GlobalLock
lstrcpyW
InterlockedIncrement
GetSystemInfo
CloseHandle
ResetEvent
lstrcmpiW
GetCurrentThread
QueryPerformanceCounter
lstrlenW
InterlockedDecrement
IsBadWritePtr
GetLastError
WriteFile
GetThreadPriority
GetCurrentProcess
SetFilePointer
GetProcessHeap

ncobjapi

WmiCommitObject
WmiCreateObject
WmiEventSourceDisconnect
WmiIsObjectActive
WmiCreateObjectWithFormat
WmiAddObjectProp
WmiEventSourceConnect
WmiCreateObjectWithProps
WmiSetAndCommitObject
WmiDestroyObject

nddeapi

NDdeGetShareSecurityA
NDdeIsValidAppTopicListW
NDdeGetTrustedShareW
NDdeIsValidAppTopicListA
NDdeGetTrustedShareA
NDdeGetErrorStringA
NDdeGetShareSecurityW

ifsutil

?AddNext@NUMBER_SET@@QAEEVBIG_INT@@@Z
?AddVolumeName@MOUNT_POINT_MAP@@QAEEPAVWSTRING@@0@Z
?CheckAndRemove@NUMBER_SET@@QAEEVBIG_INT@@PAE@Z
?AddStart@NUMBER_SET@@QAEEVBIG_INT@@@Z
?CheckAndAdd@NUMBER_SET@@QAEEVBIG_INT@@PAE@Z
?AddEdge@DIGRAPH@@QAEEKK@Z
?CheckAndAdd@SPARSE_SET@@QAEEVBIG_INT@@PAE@Z
?AddEntry@AUTOREG@@SGEPBVWSTRING@@@Z

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33a198265415f61459d3d915a8fb171f

Headers

File Characteristics

Imports

user32

kernel32

ncobjapi

nddeapi

ifsutil

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 58KB - Virtual size: 58KB

.data Size: 62KB - Virtual size: 2.1MB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 58KB - Virtual size: 58KB

.data
Size: 62KB - Virtual size: 2.1MB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB