9a1397284981cca5e65b023f188ae33c4752967fba5f8f5abd55d2506b11aadc

Sharing

Copy URL

Twitter E-mail

General

Target

9a1397284981cca5e65b023f188ae33c4752967fba5f8f5abd55d2506b11aadc
Size

820KB
MD5

01ba4b8b98e88aaf624a8c73c522d340
SHA1

f6595ba2ddbcc7c975738df3d7c6648850643b44
SHA256

9a1397284981cca5e65b023f188ae33c4752967fba5f8f5abd55d2506b11aadc
SHA512

20507d718f34f0145d4ee18eec5ba2d8354b216b374dea6dd19eefb18f3e5a44a404d7037ee26425a1282010bd44fbe8b31eeebb576241189dbcb68e17a203d5
SSDEEP

12288:QJpsQMfeO+/6ge+9EBqCF/iU0M6vdVj9/PnT/jfNrixtFVw:a77j/6h+9DCR0M61V1/zj1rktFS

Score

N/A

Malware Config

Signatures

Files

9a1397284981cca5e65b023f188ae33c4752967fba5f8f5abd55d2506b11aadc
.exe windows x86

9a0bf778fe8f1ac4e40195e969c64304

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringA
SetErrorMode
GetFileAttributesA
GetFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
VirtualAlloc
HeapReAlloc
ExitProcess
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RtlUnwind
RaiseException
ExitThread
CreateThread
HeapSize
GetACP
GetOEMCP
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetDriveTypeA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
SetEnvironmentVariableA
GetCPInfo
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
CreateFileA
GetFullPathNameA
GetVolumeInformationA
DuplicateHandle
GetThreadLocale
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcessId
CreateEventA
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
InterlockedDecrement
GetModuleFileNameW
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
LoadLibraryA
lstrcmpW
FormatMessageA
LocalFree
MulDiv
FindFirstFileA
SetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindClose
GlobalFree
GetCurrentDirectoryA
Sleep
GetTempPathA
GetCurrentProcess
GetModuleHandleA
GetProcAddress
Process32Next
Process32First
CreateToolhelp32Snapshot
GetVersion
CompareStringA
lstrcmpiA
GetLastError
InterlockedExchange
CompareStringW
lstrlenA
FreeResource
GlobalUnlock
GlobalLock
GlobalAlloc
CloseHandle
WaitForSingleObject
CreateProcessA
CreateDirectoryA
MultiByteToWideChar
GetVersionExA
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
LCMapStringA
GetModuleFileNameA

user32

WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
CallWindowProcA
SetWindowPos
GetWindowPlacement
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetWindowTextLengthA
GetWindowTextA
GetWindow
SetFocus
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
IsWindow
InvalidateRect
GetParent
EqualRect
SetWindowTextA
SetWindowLongA
GetWindowLongA
GetDlgItem
ShowWindow
GetWindowRect
LoadCursorA
GetSysColorBrush
WindowFromPoint
GetWindowThreadProcessId
FindWindowExA
MoveWindow
ScreenToClient
SendMessageA
PostMessageA
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
LoadIconA
CharUpperA
SystemParametersInfoA
EnableWindow
UnregisterClassA
DestroyMenu
SetCursor
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
SendDlgItemMessageA
CheckMenuItem
DefWindowProcA
RegisterWindowMessageA
EnableMenuItem

gdi32

CreateBitmap
SaveDC
RestoreDC
SetBkMode
SetMapMode
DeleteObject
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
GetObjectA
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
BitBlt
CreateCompatibleBitmap
ScaleViewportExtEx
GetStockObject
CreateCompatibleDC

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA
SHGetFileInfoA
SHBrowseForFolderA
SHGetSpecialFolderPathA
SHGetMalloc

comctl32

InitCommonControlsEx
_TrackMouseEvent

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathFileExistsA
PathIsUNCA

ole32

CreateStreamOnHGlobal
CoTaskMemFree
CoCreateInstance

oleaut32

VariantInit
VariantChangeType
VariantClear

gdiplus

GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipCreateBitmapFromStream
GdiplusShutdown
GdiplusStartup
GdipDrawImagePointRectI
GdipDeleteGraphics
GdipSetImageAttributesColorMatrix
GdipGetImageWidth
GdipGetImageHeight
GdipDrawImageRectRect
GdipDrawImageI
GdipLoadImageFromStream
GdipCloneImage
GdipDisposeImage
GdipFree
GdipAlloc
GdipCreateFromHDC

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 488KB - Virtual size: 487KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a0bf778fe8f1ac4e40195e969c64304

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

gdiplus

wininet

iphlpapi

Sections

.text Size: 256KB - Virtual size: 255KB

.rdata Size: 60KB - Virtual size: 56KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 488KB - Virtual size: 487KB

.text
Size: 256KB - Virtual size: 255KB

.rdata
Size: 60KB - Virtual size: 56KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 488KB - Virtual size: 487KB