9ab1d6137a38a3711626fd76bd7af59278549a0bd2851f87348427d1908de76b

Sharing

Copy URL

Twitter E-mail

General

Target

9ab1d6137a38a3711626fd76bd7af59278549a0bd2851f87348427d1908de76b
Size

393KB
MD5

6d20af227ec0681fe65b7b8807424dc5
SHA1

d6a00153a8d7284b43343304b18458cc4de298df
SHA256

9ab1d6137a38a3711626fd76bd7af59278549a0bd2851f87348427d1908de76b
SHA512

d392160619c624da8f054d1550e7b610b92868555a2587d085b3000d3b2f0bb4cdf3ef5396ee8bbf3d67e02513176ae4848b735fbb3067f877e3681cddd32dc3
SSDEEP

6144:0TATjmKoZh2w65g+KumgR6xqJOCCM7c8O4bjfHOc//ewc+BiMzj4+P0I0cn8c4rR:0uyoWfu168C8O4/WYxc+d4+P0I0D2hw

Score

N/A

Malware Config

Signatures

Files

9ab1d6137a38a3711626fd76bd7af59278549a0bd2851f87348427d1908de76b
.exe windows x86

938894cb4721d2e6cd92eb594325e129

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

usp10

ScriptRecordDigitSubstitution
ScriptShape
ScriptItemize
ScriptPlace
ScriptTextOut
ScriptFreeCache
ScriptApplyLogicalWidth
ScriptCPtoX
ScriptStringOut
ScriptGetGlyphABCWidth
ScriptStringGetLogicalWidths
ScriptGetCMap
ScriptStringXtoCP
ScriptLayout
ScriptStringCPtoX
ScriptJustify
ScriptStringValidate
ScriptStringGetOrder
ScriptStringFree
ScriptXtoCP
ScriptGetFontProperties
ScriptApplyDigitSubstitution

kernel32

TlsAlloc
CreateFileA
SetStdHandle
SetFilePointer
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CloseHandle
HeapSize
GetConsoleMode
GetConsoleCP
HeapReAlloc
LoadLibraryA
CreateThread
ExpandEnvironmentStringsW
SetSystemPowerState
LocalAlloc
GetSystemTimeAsFileTime
CopyFileW
VirtualAlloc
CreateDirectoryW
SetSystemTimeAdjustment
FormatMessageW
InitializeCriticalSection
GetCPInfo
FlushFileBuffers
EnterCriticalSection
VirtualProtect
LocalFree
GetCommandLineW
GetModuleHandleW
ResetEvent
VirtualFree
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetLastError
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapDestroy
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
Sleep
RtlUnwind
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

Sections

.text
Size: 221KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

938894cb4721d2e6cd92eb594325e129

Headers

File Characteristics

Imports

usp10

kernel32

Sections

.text Size: 221KB - Virtual size: 221KB

.rdata Size: 164KB - Virtual size: 164KB

.data Size: 4KB - Virtual size: 23KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 221KB - Virtual size: 221KB

.rdata
Size: 164KB - Virtual size: 164KB

.data
Size: 4KB - Virtual size: 23KB

.rsrc
Size: 1KB - Virtual size: 1KB