ff0237271d2cdb41c11dbfe9601c5a8d9a5d0c17056bf9ab93560f11f530191c

Sharing

Copy URL

Twitter E-mail

General

Target

ff0237271d2cdb41c11dbfe9601c5a8d9a5d0c17056bf9ab93560f11f530191c
Size

820KB
MD5

089bff28773a41edce5c8dcb050c22d5
SHA1

be27ef7f25ba6387d7423bef1078baf7bcb525ff
SHA256

ff0237271d2cdb41c11dbfe9601c5a8d9a5d0c17056bf9ab93560f11f530191c
SHA512

d159d6253d7025483d41292f3cfe5e87b0535c52122247c9e6ddc73c33b7a87dd657af1e0089364d6a9405cb88993d26747b61db64360575b5e90604b1f3f019
SSDEEP

24576:8omnag+rh40o+I67qF9H3mlnWlCca1voSg:8Hag++0xI6W9X2Wocap

Score

N/A

Malware Config

Signatures

Files

ff0237271d2cdb41c11dbfe9601c5a8d9a5d0c17056bf9ab93560f11f530191c
.exe windows x86

f9a325f2798dfdfe2a3981cc12026bb0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegQueryValueW
LookupPrivilegeNameW
RegReplaceKeyA
InitiateSystemShutdownW

comctl32

ImageList_DrawEx
ImageList_GetImageInfo
ImageList_DragEnter
DestroyPropertySheetPage
ImageList_DragLeave
ImageList_SetFlags
CreateMappedBitmap
ImageList_BeginDrag
DrawStatusText
InitMUILanguage
InitCommonControlsEx
ImageList_Draw
ImageList_DragShowNolock

user32

GetMenuItemCount
GetListBoxInfo
CallNextHookEx
CheckMenuRadioItem
GetWindowThreadProcessId
IntersectRect
EnumDesktopWindows
DdeAddData
DlgDirSelectComboBoxExW
RegisterClassA
AdjustWindowRectEx
SetDebugErrorLevel
GetGUIThreadInfo
UnhookWinEvent
InvalidateRgn
CreateAcceleratorTableA
PostQuitMessage
CopyAcceleratorTableW
DlgDirListComboBoxA
GetWindowModuleFileNameA
DefMDIChildProcA
DefWindowProcA
ClientToScreen
GetMessageA
DdeUninitialize
IsWindowVisible
GetKeyState
RegisterClassExA
WINNLSEnableIME
DestroyWindow
GetWindowContextHelpId
MessageBoxA
SetWinEventHook
ShowWindow
RegisterDeviceNotificationW
CreateWindowExA
GetClassNameW
MoveWindow
TranslateAcceleratorA
MapDialogRect
DrawStateA
CharUpperA
SetDoubleClickTime
GetMessageExtraInfo
DdeDisconnectList
CopyAcceleratorTableA
DispatchMessageA
DdeNameService
TranslateAcceleratorW
GetGuiResources
DdeQueryNextServer
GetUserObjectInformationA
CreateWindowExW
DialogBoxParamA
IsWindowEnabled
DefMDIChildProcW

kernel32

CreateFileA
CompareStringA
RtlUnwind
WideCharToMultiByte
GetStringTypeA
GetTimeFormatA
TransactNamedPipe
CreateNamedPipeW
InterlockedExchange
InterlockedCompareExchange
LCMapStringA
GetStartupInfoW
CreateMutexA
LeaveCriticalSection
GetDateFormatA
GetTickCount
WriteConsoleA
VirtualAlloc
InterlockedIncrement
IsDebuggerPresent
HeapAlloc
WaitForMultipleObjects
ReadFile
GetTimeZoneInformation
SetLastError
GetCurrentProcessId
DeleteFileW
GetEnvironmentStringsW
CreateEventW
GetStartupInfoA
HeapSize
GetCPInfo
GetLastError
GetConsoleCP
QueryPerformanceCounter
VirtualQuery
WriteConsoleW
GetCommandLineA
FreeEnvironmentStringsW
LoadLibraryA
SetHandleCount
GetStringTypeW
TerminateProcess
GetSystemTimeAsFileTime
GetUserDefaultLCID
SetConsoleCtrlHandler
IsValidLocale
InitializeCriticalSection
SetStdHandle
TlsFree
GetCommandLineW
lstrcmpiA
HeapCreate
EnumSystemLocalesA
DeleteCriticalSection
LocalShrink
FlushFileBuffers
VirtualFree
GetCurrentThread
GetVersionExA
FreeEnvironmentStringsA
GetModuleFileNameA
HeapFree
SetConsoleTitleA
GetStdHandle
GetFileType
GetEnvironmentStrings
ConvertDefaultLocale
IsValidCodePage
TlsSetValue
WriteFile
GetModuleFileNameW
GetUserDefaultLangID
GetModuleHandleA
FreeLibrary
GetCurrentThreadId
TlsGetValue
GetACP
Sleep
GetFileAttributesW
InterlockedDecrement
CompareStringW
MultiByteToWideChar
SetFilePointer
GetProcessHeap
EnterCriticalSection
GetLocaleInfoW
OpenMutexA
SetEnvironmentVariableA
CloseHandle
UnmapViewOfFile
HeapReAlloc
GetCurrentProcess
GetConsoleMode
HeapDestroy
LCMapStringW
GetProcAddress
GetOEMCP
LocalReAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
ExitProcess
GetConsoleOutputCP
TlsAlloc
LoadLibraryW
GetLocaleInfoA

Sections

.text
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 408KB - Virtual size: 407KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9a325f2798dfdfe2a3981cc12026bb0

Headers

File Characteristics

Imports

advapi32

comctl32

user32

kernel32

Sections

.text Size: 232KB - Virtual size: 229KB

.rdata Size: 408KB - Virtual size: 407KB

.data Size: 140KB - Virtual size: 157KB

.rsrc Size: 36KB - Virtual size: 34KB

.text
Size: 232KB - Virtual size: 229KB

.rdata
Size: 408KB - Virtual size: 407KB

.data
Size: 140KB - Virtual size: 157KB

.rsrc
Size: 36KB - Virtual size: 34KB