909adf8f3172e9fecaebbd171e76461b67351a3efc0472af9ffc9ddb5b14bb93

Sharing

Copy URL

Twitter E-mail

General

Target

909adf8f3172e9fecaebbd171e76461b67351a3efc0472af9ffc9ddb5b14bb93
Size

176KB
MD5

6663dd986edc5c3d1962b7deaa80b7a9
SHA1

e7e60391eb1c200f5e5b58c7076002280e29af46
SHA256

909adf8f3172e9fecaebbd171e76461b67351a3efc0472af9ffc9ddb5b14bb93
SHA512

def1b3aea81a238aa3eee79d944ef397db3e5149f2e28dffe686c10a4104963cd5ceb01abce225a1aced298334f534415b4c75a7462df59becbee8d00095a665
SSDEEP

3072:pZdS3iXHFR4vvjV7/73B+240eQYyOMDTbHEeVkyyxpJa5UlBNrr3zmzVZ5O:pZo3iXHFRejF3jmPFM7yxza5UlBNLmzJ

Score

N/A

Malware Config

Signatures

Files

909adf8f3172e9fecaebbd171e76461b67351a3efc0472af9ffc9ddb5b14bb93
.exe windows x86

6f6fa555eac8390569bd1148cc22382f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
LoadLibraryW
MultiByteToWideChar
Sleep
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
HeapSize
FreeEnvironmentStringsW
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetModuleFileNameW
GetStdHandle
WriteFile
ExitProcess
SetStdHandle
WriteConsoleW
LCMapStringW
GetStringTypeW
HeapReAlloc
CreateFileW
FlushFileBuffers
GetModuleHandleW
HeapCreate
CloseHandle
GetModuleFileNameA
LoadLibraryA
GlobalFree
GetProcAddress
GetLastError
HeapAlloc
GetTickCount
IsProcessorFeaturePresent
EncodePointer
DecodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RaiseException
GetStartupInfoW
HeapSetInformation
GetCurrentProcess
WideCharToMultiByte
GetCommandLineA
HeapFree

user32

GetMenu
MoveWindow
GetWindow
DestroyWindow
GetMessageA
SetActiveWindow
LoadMenuIndirectA
RegisterClassExA
PostQuitMessage
IsIconic
SetCapture
KillTimer
IsZoomed
GetFocus
LoadMenuA
LoadIconA
GetClientRect
EnumWindows
PtInRect
TranslateMessage
ChildWindowFromPoint
MessageBoxA
InvalidateRect
UnregisterClassA
GetWindowLongA
CreateWindowExA
ReleaseDC
DefWindowProcA
RedrawWindow
LoadAcceleratorsA
ShowWindow
CreatePopupMenu
DispatchMessageA
GetSystemMetrics
CloseWindow
UpdateWindow
DestroyMenu
LoadCursorA
DialogBoxParamA

gdi32

DeleteDC
CreateFontIndirectA
SetPixel
DeleteObject
SelectObject
GetStockObject

winspool.drv

EndPagePrinter
ClosePrinter

comdlg32

PrintDlgA

advapi32

RegOpenKeyExW
CheckTokenMembership
FreeSid
RegDeleteValueW

shell32

Shell_NotifyIconA

oleaut32

GetErrorInfo

ws2_32

WSAStartup

mpr

WNetCloseEnum
WNetGetUniversalNameA
WNetEnumResourceA

iphlpapi

GetIpAddrTable

shlwapi

StrStrA

Sections

.data
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 126KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f6fa555eac8390569bd1148cc22382f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

oleaut32

ws2_32

mpr

iphlpapi

shlwapi

Sections

.data Size: 34KB - Virtual size: 33KB

.rdata Size: 13KB - Virtual size: 13KB

.text Size: 126KB - Virtual size: 133KB

.rsrc Size: 1KB - Virtual size: 1KB

.data
Size: 34KB - Virtual size: 33KB

.rdata
Size: 13KB - Virtual size: 13KB

.text
Size: 126KB - Virtual size: 133KB

.rsrc
Size: 1KB - Virtual size: 1KB