9d2a5489b139a7701df99af501afc59ae31951354232b7935e85b84ec146e842

Sharing

Copy URL Twitter E-mail

General

Target

9d2a5489b139a7701df99af501afc59ae31951354232b7935e85b84ec146e842
Size

10.8MB
MD5

718d65532e64983438194871f4d503bc
SHA1

5c59810bd312d18cdacbae34807275c2cb1994a5
SHA256

9d2a5489b139a7701df99af501afc59ae31951354232b7935e85b84ec146e842
SHA512

cb4de6a46c5ed6d23be90d3370b3793a8ab029a599657deb8dfa70f5501cd6dd5dece2ab8deb96c6c7261f2b80375ebaf6734a82d8b8430093d36f3e3133b23b
SSDEEP

196608:WL0HA3Bhd36iY/7JaHbjiI8vd45LnTHdgD971feGvTW/R0G1XKAd+tOwLinfXJVT:CAAR76d/70iI8l45Te11OpD1NYtOHfce

Score

N/A

Malware Config

Signatures

Files

9d2a5489b139a7701df99af501afc59ae31951354232b7935e85b84ec146e842
.exe windows x86

2c7cee885308f5ea0dbd75aec8a9c52b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
MultiByteToWideChar
SetLastError
GetCurrentProcess
FreeEnvironmentStringsA
TerminateProcess
GetCurrentProcessId
GetLastError
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
LoadLibraryW
TlsGetValue
GetProcAddress
GetModuleHandleA
DeleteFileW
SetHandleCount
GetSystemInfo
FlushFileBuffers
GetSystemTimeAsFileTime
OutputDebugStringA
GetLocaleInfoA
GetStringTypeW
LoadResource
WriteFile
LCMapStringA
VirtualFree
GetEnvironmentStrings
GetOEMCP
SetThreadLocale
HeapCreate
ExitProcess
GetCurrentThreadId
UnhandledExceptionFilter

user32

GetDesktopWindow
PostThreadMessageW
CharUpperW
MessageBoxW
EndPaint
DefWindowProcW
SetFocus
SetTimer
MoveWindow
GetWindowThreadProcessId
GetForegroundWindow
BeginPaint
GetDlgCtrlID
SetClassWord
SetCaretBlinkTime
RegisterClassW
wsprintfW
FillRect
ClientToScreen
PtInRect
LoadStringA
SetWindowLongA
SendMessageW

gdi32

GetSystemPaletteEntries
StretchDIBits
CombineRgn
SetRectRgn
GetBkColor
GetTextMetricsW
OffsetViewportOrgEx
DeleteObject

advapi32

RegQueryValueExW
CryptDestroyKey
CryptDestroyHash
CloseServiceHandle
CryptGetKeyParam
CryptHashData
AllocateAndInitializeSid
GetSidIdentifierAuthority
RegOpenKeyExW
CryptAcquireContextW
RegQueryInfoKeyA
LookupAccountSidW

msvcrt

__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_except_handler3
_controlfp
_adjust_fdiv
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
__setusermatherr

Sections

pt
Size: 4.4MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

pd
Size: 104KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pi
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pa
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ps
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c7cee885308f5ea0dbd75aec8a9c52b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Sections

pt Size: 4.4MB - Virtual size: 4.9MB

pd Size: 104KB - Virtual size: 175KB

pi Size: 10KB - Virtual size: 12KB

pa Size: 512B - Virtual size: 100B

ps Size: 1024B - Virtual size: 3KB

.rsrc Size: 134KB - Virtual size: 133KB

pt
Size: 4.4MB - Virtual size: 4.9MB

pd
Size: 104KB - Virtual size: 175KB

pi
Size: 10KB - Virtual size: 12KB

pa
Size: 512B - Virtual size: 100B

ps
Size: 1024B - Virtual size: 3KB

.rsrc
Size: 134KB - Virtual size: 133KB