9d7024121ca36a3d6066c9ec1da29de3b2afcb352d324fc6570e934b62cf3cd5

Sharing

Copy URL Twitter E-mail

General

Target

9d7024121ca36a3d6066c9ec1da29de3b2afcb352d324fc6570e934b62cf3cd5
Size

500KB
MD5

71e091c35c8186ba7992675f95dd6830
SHA1

68a10fa8c0a928b1f7949192766fcaeee6833b0f
SHA256

9d7024121ca36a3d6066c9ec1da29de3b2afcb352d324fc6570e934b62cf3cd5
SHA512

a5511fde9d84cdb98d416f511b1bf8a40cef3e09dec14538ee68095e8ffee6c0b30d89331d46e4c0f864812d64b8f60a645706d9a2c10e379d1518b967147db5
SSDEEP

6144:budPShLUMDwzamIDaPIz1QBiJwBLQgzD7+sEPW5ArJXa:xhJDwzaSn5DDysEPWM

Score

N/A

Malware Config

Signatures

Files

9d7024121ca36a3d6066c9ec1da29de3b2afcb352d324fc6570e934b62cf3cd5
.exe windows x64

a05331f5167f4a2de85e957c7411b432

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

RegOpenKeyExW
RegQueryValueW
RegCloseKey
OpenSCManagerW
OpenServiceW
QueryServiceStatus
CloseServiceHandle

kernel32

GetModuleFileNameW
GetVersionExW
GetVersion
lstrcpyW
VirtualProtect
Sleep
GetCurrentThreadId
CreateFileW
GetSystemDirectoryW
CloseHandle
WinExec
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
GetStartupInfoW
CreateThread
lstrcatW
ExpandEnvironmentStringsW
LocalFree
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetModuleHandleW
SetUnhandledExceptionFilter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
lstrlenW
WideCharToMultiByte
FreeLibrary
LoadLibraryW
GetProcAddress

gdi32

DeleteObject
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetStockObject

user32

GetWindowLongW
GetCursorPos
TrackPopupMenu
GetMenuItemID
LoadIconW
SendMessageW
EnableWindow
GetClientRect
GetActiveWindow
DrawStateW
LoadImageW
FrameRect
GetNextDlgTabItem
GetSubMenu
GetWindowRect
GetParent
TrackPopupMenuEx
OffsetRect
LoadMenuW
DestroyCursor
ClientToScreen
DrawFocusRect
InflateRect
WindowFromPoint
SetTimer
GetMessagePos
ScreenToClient
SetCursor
DestroyMenu
CopyRect
FillRect
InvalidateRect
DestroyIcon
PtInRect
KillTimer
IsWindow
GetDC
MessageBeep
SetRect
SetForegroundWindow
SetFocus
GetForegroundWindow
PostMessageW
FindWindowW
DeleteMenu
ModifyMenuW
GetSystemMetrics
InsertMenuW
CheckMenuItem
AttachThreadInput
GetWindowThreadProcessId
DeferWindowPos
EndDeferWindowPos
UpdateWindow
IsZoomed
DrawFrameControl
BeginDeferWindowPos
EqualRect
IsIconic
DrawIcon
GetIconInfo
SetMenuDefaultItem
RegisterWindowMessageW
PostQuitMessage
GetSysColor

mfc42u

ord1584
ord2110
ord1812
ord5632
ord6328
ord2784
ord2752
ord6510
ord1063
ord659
ord4598
ord6813
ord4836
ord2559
ord2515
ord6071
ord4191
ord1388
ord5615
ord2412
ord3468
ord5722
ord5724
ord4368
ord5065
ord5730
ord5711
ord6053
ord4983
ord3916
ord2842
ord1950
ord3820
ord2595
ord4544
ord2449
ord1471
ord4045
ord5425
ord1254
ord1537
ord2178
ord2903
ord1650
ord6818
ord6632
ord2661
ord3939
ord3937
ord5804
ord6821
ord5815
ord6832
ord2329
ord5702
ord4557
ord4694
ord6812
ord5586
ord2399
ord5077
ord5663
ord4752
ord1777
ord4365
ord6437
ord3177
ord2517
ord2105
ord5406
ord4721
ord5687
ord3761
ord6440
ord1778
ord5712
ord3535
ord4770
ord4771
ord4988
ord4371
ord3164
ord4077
ord4083
ord4082
ord3046
ord3166
ord3052
ord3366
ord3231
ord4815
ord3362
ord3243
ord5245
ord3049
ord1067
ord5699
ord665
ord2140
ord2457
ord5683
ord6887
ord1736
ord5484
ord3933
ord6814
ord2060
ord2670
ord4789
ord626
ord5229
ord1040
ord4017
ord337
ord408
ord852
ord904
ord1126
ord826
ord5467
ord2420
ord2427
ord2906
ord6102
ord1646
ord1441
ord528
ord2408
ord3740
ord1574
ord6131
ord1647
ord4621
ord4442
ord2138
ord286
ord6351
ord3830
ord4131
ord4473
ord6127
ord2898
ord1387
ord6791
ord6243
ord303
ord2586
ord3790
ord4599
ord3742
ord2574
ord2393
ord3743
ord822
ord3862
ord4741
ord4609
ord650
ord1055
ord336
ord851
ord310
ord624
ord2846
ord2975
ord5887
ord620
ord6612
ord1124
ord1259
ord622
ord1499
ord6614
ord2776
ord3894
ord1122
ord1035
ord6767
ord4860
ord4027
ord2775
ord3805
ord4746
ord2024
ord2425
ord6801
ord1774
ord4427
ord4543
ord2592
ord6886
ord911
ord4565
ord4633
ord4817
ord5524
ord5521
ord3141
ord2405
ord2750
ord387
ord890
ord627
ord1041
ord6880
ord6225
ord5093
ord4548
ord4759
ord4774
ord5674
ord4806
ord4784
ord1674
ord2671
ord5704
ord5659
ord4364
ord4461
ord2919
ord2920
ord1463
ord3536
ord5839
ord1838
ord1316
ord5420
ord3481
ord5979
ord4436
ord4601
ord6705
ord6708
ord4602
ord2783
ord525
ord984
ord4124
ord6842

msvcrt

wcsncpy
??_V@YAXPEAX@Z
??_U@YAPEAX_K@Z
wcsstr
_CxxThrowException
memset
memcpy
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
??1type_info@@UEAA@XZ
__set_app_type
_fmode
_commode
__setusermatherr
_amsg_exit
_initterm
_wcmdln
exit
_cexit
_exit
_XcptFilter
__C_specific_handler
__wgetmainargs
__CxxFrameHandler
iswspace
_wcsnicmp
memmove
wcsncmp
swprintf
_wspawnlp

ole32

CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysStringLen
SysFreeString

shlwapi

PathParseIconLocationW
PathRemoveArgsW
PathCanonicalizeW
PathFileExistsW
PathMakePrettyW

comctl32

_TrackMouseEvent
ImageList_GetIconSize
ImageList_GetIcon
ord17
ImageList_ReplaceIcon

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

shell32

Shell_NotifyIconW
ShellExecuteW
ShellExecuteExW

stlang64

LocalizeString
LocalizeSetLangID

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 379KB - Virtual size: 379KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a05331f5167f4a2de85e957c7411b432

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

mfc42u

msvcrt

ole32

oleaut32

shlwapi

comctl32

version

shell32

stlang64

Sections

.text Size: 111KB - Virtual size: 111KB

.data Size: 2KB - Virtual size: 4KB

.pdata Size: 6KB - Virtual size: 6KB

.rsrc Size: 379KB - Virtual size: 379KB

.text
Size: 111KB - Virtual size: 111KB

.data
Size: 2KB - Virtual size: 4KB

.pdata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 379KB - Virtual size: 379KB