9ab5fb37a2ca64a322ad01a86339b7b5fc9dda1e677c0326931a25357fab2a72

Sharing

Copy URL Twitter E-mail

General

Target

9ab5fb37a2ca64a322ad01a86339b7b5fc9dda1e677c0326931a25357fab2a72
Size

130KB
MD5

617c9d2f3a5c4e29d61dbe010aada3a9
SHA1

1cc3c67fe93446c46dea60411f5a7704eafd81c3
SHA256

9ab5fb37a2ca64a322ad01a86339b7b5fc9dda1e677c0326931a25357fab2a72
SHA512

a44dd2b5ba8a27dc768716e1d14bc086b04acd08574c6d7f763bdcef9b15b293660ebd699eac3bb5565f4aa483170cc30f5878eb05507e0a8d039d3cd3077c5d
SSDEEP

3072:77enSuGc1VBuPjDWjKORbYy6XNkFKd4k8T6WBkhu1ED:/mBubXORbMNyO4xTxBTM

Score

N/A

Malware Config

Signatures

Files

9ab5fb37a2ca64a322ad01a86339b7b5fc9dda1e677c0326931a25357fab2a72
.exe windows x86

1b3714d9b08f0ba8bdd73b573ccbbdc4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

srand
time
_CxxThrowException
_wtol
malloc
??1type_info@@UAE@XZ
rand
??3@YAXPAX@Z
_purecall
??2@YAPAXI@Z
_wcsicmp
wcstok
_beginthreadex
_wmakepath
wcslen
_wsplitpath
_except_handler3
_controlfp
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
_vsnwprintf
_vsnprintf
_itow
__CxxFrameHandler

msvcp60

??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB

advapi32

GetUserNameW
RegQueryValueExW
RegDeleteValueW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteKeyW
GetUserNameA

kernel32

GetStartupInfoW
InterlockedExchange
LocalAlloc
GetVersionExA
GetUserDefaultLCID
GetLocaleInfoA
GetCurrentProcess
GetTickCount
QueryPerformanceCounter
RaiseException
GetModuleHandleA
GetSystemTime
GetSystemTimeAsFileTime
lstrlenA
GetStringTypeExW
WideCharToMultiByte
MultiByteToWideChar
TerminateProcess
FormatMessageA
LocalFree
OutputDebugStringA
SetLastError
GetLastError
LoadLibraryA
LoadLibraryW
lstrcpyW
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
lstrlenW
lstrcatW
GetModuleFileNameW
GetShortPathNameW
GetModuleHandleW
lstrcmpiW
FreeLibrary
GetProcAddress
GetVersion
InterlockedDecrement
GetCurrentProcessId
GetCurrentThreadId
SetUnhandledExceptionFilter
SetEvent
GetExitCodeThread
WaitForSingleObjectEx
LeaveCriticalSection
EnterCriticalSection
CreateEventW
CloseHandle
ExitThread
WaitForSingleObject
CopyFileW
MoveFileExW
DeleteFileW
CreateProcessW
GetFileAttributesW
GetTempFileNameW
GetTempPathW
GetLocalTime

user32

IsCharAlphaNumericW
SetPropW
GetWindowLongW
SetWindowLongW
GetWindowLongA
IsWindowUnicode
TranslateMessage
PeekMessageW
GetSystemMetrics
IsCharAlphaW
FindWindowW
SendMessageTimeoutW
WaitForInputIdle
PostThreadMessageW
GetMessageW
DispatchMessageW
LoadStringW
CharNextW
RemovePropW
MessageBoxA
GetPropW

iprop

PropVariantClear

ole32

CoRegisterClassObject
CoTaskMemFree
StringFromCLSID
CoCreateInstance
CoUninitialize
OleInitialize
CoInitialize
CoTaskMemAlloc
CoRevokeClassObject

oleaut32

VariantInit
RegisterTypeLi
LoadTypeLi
SysFreeString
SysAllocString
VariantChangeType
VariantClear

mspgimme

SetupGimme
EPLoadMSO

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1b3714d9b08f0ba8bdd73b573ccbbdc4

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

msvcp60

advapi32

kernel32

user32

iprop

ole32

oleaut32

mspgimme

Sections

.text Size: 46KB - Virtual size: 46KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 1000B

.cdata Size: 72KB - Virtual size: 72KB

.text
Size: 46KB - Virtual size: 46KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 1000B

.cdata
Size: 72KB - Virtual size: 72KB