9f7cc8de9c5c08d71cbe692232e4e33a6afd6d30d40df33036be8b09751b0823

Sharing

Copy URL Twitter E-mail

General

Target

9f7cc8de9c5c08d71cbe692232e4e33a6afd6d30d40df33036be8b09751b0823
Size

292KB
MD5

6cd2413064c65804c4025f7865a2fe20
SHA1

d6b2629180ebeb2346dfeadace18d0471f02b10d
SHA256

9f7cc8de9c5c08d71cbe692232e4e33a6afd6d30d40df33036be8b09751b0823
SHA512

68bc467731381abda8391dded9eb98acc6e487be9c38c628bdd81a396ba279fecc69ee3f03574d1b20012f9175533dc5a967625927e39407b3d5a4931c078e57
SSDEEP

6144:IZdRZ/rFZGPNp/efwxXCFYHj3fOByd/wo+jRAf9VQj9Q:OdRZ/rFI78xFYHj3fOBy6o+1Af9y9

Score

N/A

Malware Config

Signatures

Files

9f7cc8de9c5c08d71cbe692232e4e33a6afd6d30d40df33036be8b09751b0823
.exe windows x86

0226ff46c04d70487272245eae4d2eba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
VirtualFree
GetProcessHeap
IsBadReadPtr
SetFileTime
VirtualQueryEx
WriteFile
InitializeCriticalSection
GetSystemDirectoryW
WideCharToMultiByte
Sleep
ReadProcessMemory
GetVersionExW
LeaveCriticalSection
lstrcpynW
GetFileAttributesW
TerminateProcess
ReadFile
GetModuleFileNameW
CreateFileW
lstrcmpW
SetEvent
lstrlenW
CreateMailslotW
GetLastError
GetProcAddress
VirtualAlloc
EnterCriticalSection
VirtualProtectEx
LoadLibraryA
LocalAlloc
CreateEventW
CreatePipe
lstrcmpiW
VirtualProtect
GetFileTime
DeleteCriticalSection
GetShortPathNameW
ReleaseMutex
CloseHandle
LocalFree
ResumeThread
ExpandEnvironmentStringsW
WaitForSingleObject
GetCurrentProcess
SetUnhandledExceptionFilter
HeapAlloc
CreateProcessW
SetThreadContext
CreateMutexW
GetFileSize
GetThreadContext
GetCommandLineW
MultiByteToWideChar
ExitProcess
CreateFileA
HeapFree
HeapReAlloc
GetCommandLineA
GetVersionExA
GetStartupInfoA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
UnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
GetStdHandle
GetModuleFileNameA
RaiseException
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapSize
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers

advapi32

RegisterServiceCtrlHandlerW
FreeSid
IsValidSid
SetServiceStatus
AllocateAndInitializeSid
EqualSid
IsTextUnicode
GetTokenInformation
StartServiceCtrlDispatcherW
OpenProcessToken
QueryServiceConfigW

psapi

GetModuleBaseNameW

ws2_32

ntohl

Sections

.text
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0226ff46c04d70487272245eae4d2eba

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

psapi

ws2_32

Sections

.text Size: 80KB - Virtual size: 77KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 184KB - Virtual size: 182KB

.text
Size: 80KB - Virtual size: 77KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 184KB - Virtual size: 182KB