9ebccd2a019ff0bdf8bee7c875c7aaef5b6dc920657fdcae44b9172e56194609

Sharing

Copy URL Twitter E-mail

General

Target

9ebccd2a019ff0bdf8bee7c875c7aaef5b6dc920657fdcae44b9172e56194609
Size

431KB
MD5

133e01867ebf340d10a42af723f3d6f3
SHA1

142c3e53eb44a91fca471b3321393ee2e0043f9e
SHA256

9ebccd2a019ff0bdf8bee7c875c7aaef5b6dc920657fdcae44b9172e56194609
SHA512

4151ecaabf1f8c8310d4cbaa8b1c995af966ff805b6de3c13abdad38208549c74d04398048fbca66e6e54a18cb8ae3dc08255c4e565f055c698676792a7b7676
SSDEEP

6144:DimCLjrh8D4qYzPx12TFS+ClL2osAda/c+3Wr5KG04X0bCipmXrFrkssPeaxA:+mCdiPYzqFt6RZdRr4GDmPArksJaxA

Score

N/A

Malware Config

Signatures

Files

9ebccd2a019ff0bdf8bee7c875c7aaef5b6dc920657fdcae44b9172e56194609
.exe windows x86

24a632261cdd34903875a68efb236c05

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_SYSTEM
IMAGE_FILE_UP_SYSTEM_ONLY

Imports

kernel32

lstrcpyA
GetProcessHeap
SetEndOfFile
FlushFileBuffers
HeapReAlloc
HeapSize
GetStringTypeW
LCMapStringW
CreateFileA
GetTickCount
GetLastError
WriteConsoleW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetFilePointer
DeleteCriticalSection
SetHandleCount
GetCurrentThreadId
GetVersion
CloseHandle
GetModuleFileNameA
LocalAlloc
LoadLibraryA
GetProcAddress
SetLastError
TlsFree
MultiByteToWideChar
lstrcatA
FreeLibrary
CreateFileW
Sleep
GetVolumeInformationA
LoadLibraryW
ReadFile
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
SetStdHandle
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetFileType
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
HeapFree
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
GetModuleHandleW
ExitProcess
GetStdHandle
GetModuleFileNameW
HeapCreate
RtlUnwind
GetCPInfo
InterlockedIncrement

user32

DialogBoxParamA
FindWindowA
EndPaint
InsertMenuItemA
GetWindowDC
FillRect
DrawTextA
LoadStringA
GetClientRect
SendMessageA
BeginPaint
GetDC
SetDlgItemInt
MessageBoxA
InvalidateRect
CreateWindowExA
ReleaseDC
DefWindowProcA
GetCursorPos
CreatePopupMenu

gdi32

SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
FillRgn
GetStockObject
CreateSolidBrush
TextOutA
DeleteDC

winspool.drv

EnumPrintersA

comdlg32

FindTextA

advapi32

AdjustTokenGroups

secur32

AcceptSecurityContext
InitializeSecurityContextA
AcquireCredentialsHandleA

wtsapi32

WTSEnumerateSessionsA

Sections

.text
Size: 269KB - Virtual size: 269KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24a632261cdd34903875a68efb236c05

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

secur32

wtsapi32

Sections

.text Size: 269KB - Virtual size: 269KB

.rdata Size: 42KB - Virtual size: 42KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 104KB - Virtual size: 104KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 269KB - Virtual size: 269KB

.rdata
Size: 42KB - Virtual size: 42KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 104KB - Virtual size: 104KB

.reloc
Size: 9KB - Virtual size: 9KB