d9f2ac794bd783bc123b446b31c81548eebe83b65848927238bb134926420180

Sharing

Copy URL Twitter E-mail

General

Target

d9f2ac794bd783bc123b446b31c81548eebe83b65848927238bb134926420180
Size

68KB
MD5

3a9f4d203a113ef0c961c93e9ce2abbe
SHA1

d8691ad90428ad518e3e3c0cd7db523c7874337b
SHA256

d9f2ac794bd783bc123b446b31c81548eebe83b65848927238bb134926420180
SHA512

91d5f0776017927399586def44837755c8050a1e4b75406efee4c8821491b72ca869d60764758997566356a0094b0eb6998161695939688b23148601ec0f4914
SSDEEP

1536:Fc1Dh5r1YXES0oTiKhbSFfrNk4AoKrV9A:F0N8UNES1rNkno2K

Score

N/A

Malware Config

Signatures

Files

d9f2ac794bd783bc123b446b31c81548eebe83b65848927238bb134926420180
.exe windows x86

ff57538b72759b5ca44ffbd28478f1f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
CreateFileA
SetLocalTime
FileTimeToSystemTime
FormatMessageA
GetCurrentProcess
TerminateThread
WinExec
HeapSize
HeapReAlloc
RtlUnwind
CloseHandle
InterlockedIncrement
InterlockedDecrement
LCMapStringW
LCMapStringA
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CopyFileA
GetLastError
Sleep
GetTickCount
GetLocalTime
lstrcpyA
MoveFileA
GetModuleHandleA
CreateThread
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetModuleFileNameA
CreateMutexA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
UnhandledExceptionFilter
WideCharToMultiByte
FreeEnvironmentStringsW
GlobalFree
GlobalAlloc
MultiByteToWideChar
ResumeThread
TlsSetValue
TlsGetValue
ExitThread
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
GetCurrentThreadId
TlsAlloc
SetLastError
HeapAlloc
TerminateProcess
FreeEnvironmentStringsA

user32

DialogBoxParamA
PostMessageA
SetTimer
SendMessageA
GetDlgItemTextA
GetWindowLongA
ShowWindow
MessageBoxA
EndDialog
SetDlgItemTextA
LoadIconA
EnableWindow
FindWindowExA
SendMessageTimeoutA
ExitWindowsEx
IsDlgButtonChecked
IsWindowEnabled
KillTimer
CheckRadioButton
GetDlgItem
wsprintfA
CreateDialogParamA
GetClientRect
SendDlgItemMessageA
GetWindowRect
SetWindowPos
SetForegroundWindow
SetWindowLongA

advapi32

RegSetValueExA
RegCreateKeyExA
AdjustTokenPrivileges
RegCreateKeyA
RegOpenKeyExA
OpenProcessToken
LookupPrivilegeValueA
RegCloseKey

shell32

ShellExecuteA
Shell_NotifyIconA

ole32

OleInitialize
OleUninitialize
CoGetClassObject
OleSetContainedObject

comctl32

InitCommonControlsEx
ord17

wsock32

WSACleanup
gethostbyname
WSAStartup
ntohl
recv
closesocket
connect
socket
htons

oleaut32

SysAllocString
VariantInit
VariantClear

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff57538b72759b5ca44ffbd28478f1f0

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

comctl32

wsock32

oleaut32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 16KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 8KB - Virtual size: 7KB