9e76dc23da91cc8bcbe120f19aaeb9d710f2a6a1bfad6f7335fda40e54b1b0aa

Sharing

Copy URL

Twitter E-mail

General

Target

9e76dc23da91cc8bcbe120f19aaeb9d710f2a6a1bfad6f7335fda40e54b1b0aa
Size

163KB
MD5

6808b7d42ac606feaa3097ca8ac5a220
SHA1

b52983f4feb944bfe94514552e7e51824fe2acc3
SHA256

9e76dc23da91cc8bcbe120f19aaeb9d710f2a6a1bfad6f7335fda40e54b1b0aa
SHA512

c912472ba3b12f260a06d273d18e34ede80459f2e8a27817c908df528d695da783db77acee62cb1a2d808ec180c0139d691207db3743c9881e4928c364267131
SSDEEP

3072:P41t3V8BjyK6muZwer0B2/vAjHL/F9BRqKY5n/McIGQNrnatz:QpV84K6ZwE0B2vAjHL/F9B0KY5nfQNrO

Score

N/A

Malware Config

Signatures

Files

9e76dc23da91cc8bcbe120f19aaeb9d710f2a6a1bfad6f7335fda40e54b1b0aa
.exe windows x86

db781a99e0c5b12972e8c7f36e7b65bd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_vsnprintf
_ftol
memmove
_wsplitpath
_wtoi
??2@YAPAXI@Z
__CxxFrameHandler
_vsnwprintf
free
malloc
wcschr
?terminate@@YAXXZ
_except_handler3
_controlfp
??1type_info@@UAE@XZ
_onexit
__dllonexit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
_CxxThrowException
??3@YAXPAX@Z

kernel32

EnterCriticalSection
GetCurrentThreadId
ExitProcess
SystemTimeToFileTime
GetLocalTime
lstrlenW
GetSystemDefaultLangID
CreateProcessW
GetSystemDirectoryW
GetProcAddress
InterlockedIncrement
LeaveCriticalSection
WaitForMultipleObjects
CreateThread
TryEnterCriticalSection
Sleep
CompareStringW
GetTimeFormatW
LocalFree
GetModuleHandleA
GetStartupInfoA
lstrlenA
CreateMutexW
CreateEventW
OpenEventW
RegisterWaitForSingleObject
SetEvent
WaitForSingleObject
ReleaseMutex
UnregisterWaitEx
FreeLibrary
DeleteCriticalSection
GetLastError
MultiByteToWideChar
GetCurrentProcessId
ProcessIdToSessionId
CloseHandle
SetLastError
GetSystemTime
InterlockedDecrement
FindFirstFileW
FindNextFileW
RemoveDirectoryW
FindClose
DeleteFileW
CreateDirectoryW
SetFileAttributesW
lstrcmpiW
GetFileAttributesW
VerSetConditionMask
VerifyVersionInfoW
GetCommandLineW
LoadLibraryA
ReadFile
GetFileSize
CreateFileW
InitializeCriticalSection
GetModuleHandleW
GetVersionExW
LoadLibraryExW
HeapFree
HeapAlloc
GetProcessHeap
WideCharToMultiByte
FileTimeToSystemTime
GetTickCount
GetCurrentProcess
MoveFileW
HeapReAlloc
SetEndOfFile
SetFilePointer
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
WriteFile
FormatMessageW
GetDateFormatW

gdi32

SetBkColor
GetCurrentObject
TextOutW
CreateSolidBrush
GetTextExtentPoint32W
BitBlt
CreateCompatibleDC
SetStretchBltMode
StretchBlt
DeleteDC
SetBkMode
SetTextColor
SelectObject
DeleteObject
GetStockObject
CreateFontIndirectW
GetObjectW

user32

SetWindowTextW
IsWindow
GetDesktopWindow
CopyRect
OffsetRect
RemovePropW
EqualRect
DrawEdge
GetWindowLongW
UpdateWindow
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
SetPropW
DrawTextW
GetFocus
SetWindowLongW
GetCapture
ReleaseCapture
GetParent
GetClientRect
FillRect
SetCapture
SetCursor
ScreenToClient
PtInRect
CallWindowProcW
CreateCursor
InvalidateRect
DestroyCursor
SetRectEmpty
DestroyMenu
CreatePopupMenu
AppendMenuW
CreateWindowExW
ShowWindow
SetTimer
PeekMessageW
MsgWaitForMultipleObjectsEx
TranslateMessage
DispatchMessageW
DestroyWindow
PostQuitMessage
SetWindowsHookExW
DefWindowProcW
GetCursorPos
SetForegroundWindow
TrackPopupMenu
SetActiveWindow
SetFocus
DialogBoxParamW
KillTimer
LoadImageW
GetSystemMetrics
LoadStringW
LoadAcceleratorsW
SendMessageW
EndDialog
PostMessageW
LoadCursorW
RegisterClassExW
GetWindowTextLengthW
GetWindowTextW
GetPropW
CreateDialogParamW
BeginPaint
EndPaint
SetWindowPos
GetSystemMenu
EnableMenuItem
TranslateAcceleratorW
CallNextHookEx
GetDlgCtrlID
GetSysColor
GetSysColorBrush
MessageBoxW
GetWindowRect
MapWindowPoints
ReleaseDC
DrawFocusRect
EnableWindow
GetDC
GetDlgItem
GetKeyState

shell32

SHGetFolderPathW
ShellExecuteW
Shell_NotifyIconW

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance

oleaut32

VariantInit
VariantClear
SafeArrayGetUBound
SafeArrayUnaccessData
SysAllocString
SafeArrayAccessData
SafeArrayCreate
SysAllocStringByteLen
SysStringByteLen
SysStringLen
SysFreeString
SysReAllocString
SafeArrayDestroy
SafeArrayGetElement

urlmon

CreateURLMoniker

comctl32

InitCommonControlsEx

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

advapi32

RegCreateKeyExW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorOwner
QueryServiceStatus
CloseServiceHandle
OpenServiceW
OpenSCManagerW
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetNamedSecurityInfoW
GetSecurityDescriptorDacl

shlwapi

PathFindFileNameW
StrChrW
StrRChrW
PathIsRootW
PathIsUNCW
PathStripToRootW
PathIsRelativeW
StrStrW
StrToIntW

advpack

ExtractFiles

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mtzdycw
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

db781a99e0c5b12972e8c7f36e7b65bd

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

gdi32

user32

shell32

ole32

oleaut32

urlmon

comctl32

wtsapi32

advapi32

shlwapi

advpack

Sections

.text Size: 58KB - Virtual size: 58KB

.data Size: 512B - Virtual size: 4KB

.rsrc Size: 104KB - Virtual size: 105KB

mtzdycw Size: - Virtual size: 4KB

.text
Size: 58KB - Virtual size: 58KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 104KB - Virtual size: 105KB

mtzdycw
Size: - Virtual size: 4KB