9b776b65bbdee757d63828709a11c928c193d1cea91dbe579380fa68f06bb980

Sharing

Copy URL Twitter E-mail

General

Target

9b776b65bbdee757d63828709a11c928c193d1cea91dbe579380fa68f06bb980
Size

64KB
MD5

79011191abdfab63fd3513275dcc2e3a
SHA1

a2d6be060f2f6bc083619ce1932e57cfdfab3f37
SHA256

9b776b65bbdee757d63828709a11c928c193d1cea91dbe579380fa68f06bb980
SHA512

ae8cd00e7d44343d2772270e41412cbef97b2b17bbb3999251b7e2694e820fb2679330114f34c97fdf4312430d94fbd9024d7891abb89e4f1826dfec379dbfbf
SSDEEP

1536:6q7zTJFvwJnMgmq/LoeZSCnjlZa6kbFoO1wx:9FeMgD/LoOnjIbFoO12

Score

N/A

Malware Config

Signatures

Files

9b776b65bbdee757d63828709a11c928c193d1cea91dbe579380fa68f06bb980
.exe windows x86

9dd3be55b68896c2b34ec07c0d170be8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnumChildWindows
ArrangeIconicWindows
EndDeferWindowPos
SendDlgItemMessageA
DestroyWindow
OpenIcon
GetDialogBaseUnits
ChildWindowFromPointEx
DialogBoxIndirectParamA
MessageBoxA
GetWindow
CreateDialogIndirectParamA
LoadIconA
GetNextDlgGroupItem

ole32

StgOpenPropStg
CoResumeClassObjects
CoCreateGuid
CoAddRefServerProcess
MkParseDisplayName
WriteClassStg
OleSave
DoDragDrop
OleCreate
OleCreateFromData
CoGetCurrentProcess

gdi32

BitBlt
ChoosePixelFormat
CopyMetaFileW
CreateSolidBrush
FrameRgn
CreateDCA
GetBrushOrgEx
EnumObjects
AddFontResourceW
CopyMetaFileA

kernel32

GetStringTypeA
LCMapStringW
MultiByteToWideChar
ReadFile
SetEndOfFile
LoadLibraryA
GetStringTypeW
GetACP
GetCPInfo
HeapReAlloc
InterlockedIncrement
InterlockedDecrement
CreateFileA
FlushFileBuffers
SetStdHandle
GetOEMCP
FreeEnvironmentStringsA
GlobalLock
OpenSemaphoreA
IsBadWritePtr
LocalFree
LeaveCriticalSection
GlobalSize
LCMapStringA
HeapAlloc
GetLocaleInfoA
ResetEvent
GlobalAlloc
VirtualAlloc
HeapWalk
GetModuleHandleA
GetProcAddress
GetCurrentProcess
GetHandleInformation
GetCurrentProcessId
GetComputerNameA
GetEnvironmentVariableA
GetCurrentThreadId
ResumeThread
GetLastError
GetExitCodeThread
SuspendThread
PulseEvent
CloseHandle
LocalReAlloc
VirtualAllocEx
GetCommandLineA
RtlUnwind
GetFullPathNameA
GetStartupInfoA
GetVersion
ExitProcess
EnterCriticalSection
SetFilePointer
InitializeCriticalSection
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
WriteFile
GetCurrentDirectoryA
GetDriveTypeA
HeapFree
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree

usp10

ScriptShape

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9dd3be55b68896c2b34ec07c0d170be8

Headers

File Characteristics

Imports

user32

ole32

gdi32

kernel32

usp10

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 30KB - Virtual size: 111KB

.rsrc Size: 512B - Virtual size: 16B

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 30KB - Virtual size: 111KB

.rsrc
Size: 512B - Virtual size: 16B