a9a5f9c9ef907ac9a61a72e72f814de733e5262d2e1408a1101a671695bd4976

Sharing

Copy URL Twitter E-mail

General

Target

a9a5f9c9ef907ac9a61a72e72f814de733e5262d2e1408a1101a671695bd4976
Size

257KB
MD5

6141c2412e9b2f811674f1285031f1d0
SHA1

70070bcc9745dbc50907a5ba7f70a7e04ac32b77
SHA256

a9a5f9c9ef907ac9a61a72e72f814de733e5262d2e1408a1101a671695bd4976
SHA512

8537e985fc14212ef5d396b5d67f5dd65a0943c888f8e6479d20fc3c491afafb13a12b7f6311329da812d9db84dbbc7e5d2910cbb2800b58fee56b5915b25859
SSDEEP

6144:uAYc/0IQNb4TdjEG3dRLceYPemGp5XKyWCreot4:ubcs9IDLce5CCKd

Score

N/A

Malware Config

Signatures

Files

a9a5f9c9ef907ac9a61a72e72f814de733e5262d2e1408a1101a671695bd4976
.exe windows x86

fdbe8935b14b1defdf52523d6da81ae1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

URLDownloadToFileW
URLDownloadToCacheFileW

kernel32

GetFileAttributesA
CreateDirectoryW
GetFileAttributesW
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExW
RaiseException
InitializeCriticalSection
DeleteCriticalSection
MultiByteToWideChar
OutputDebugStringW
GetCurrentThreadId
WideCharToMultiByte
GetCurrentProcessId
FindClose
FindNextFileW
DeleteFileW
GetLastError
FindFirstFileW
GlobalLock
GlobalAlloc
CloseHandle
FlushFileBuffers
WritePrivateProfileStringW
WriteFile
SetFilePointer
GetTempPathA
CreateFileW
WritePrivateProfileStringA
GetPrivateProfileIntW
GetPrivateProfileStringA
GetPrivateProfileStringW
CopyFileW
MoveFileW
InterlockedExchangeAdd
ExitProcess
MapViewOfFile
ReleaseMutex
CreateFileMappingW
WaitForSingleObject
CreateMutexW
TerminateProcess
GetCurrentProcess
TlsSetValue
FindCloseChangeNotification
FindFirstChangeNotificationW
TlsGetValue
CreateDirectoryA
TlsAlloc
LoadLibraryW
GetSystemInfo
FreeLibrary
UnmapViewOfFile
InterlockedDecrement
TlsFree
OpenFileMappingW
GetCommandLineW
lstrlenW
LocalFree
GetProcAddress
GetTickCount
CreateThread
TerminateThread
WaitForMultipleObjects
Sleep
GetTempPathW
GetFileSize
CreateEventW
GetSystemTimeAsFileTime
lstrlenA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetDriveTypeA
SetStdHandle
VirtualProtect
GetCurrentDirectoryW
GetTimeZoneInformation
LCMapStringW
LCMapStringA
GetCPInfo
GetOEMCP
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
QueryPerformanceCounter
GetModuleFileNameW
GlobalUnlock
GlobalFree
VirtualQuery
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
HeapDestroy
GetLocalTime
LoadLibraryA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
HeapSize
GetCurrentDirectoryA
HeapReAlloc
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapAlloc
GetDriveTypeW
FileTimeToLocalFileTime
FileTimeToSystemTime
RtlUnwind
HeapFree
GetVersionExA
GetFullPathNameW
SetLastError
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate

user32

PostMessageW
PostQuitMessage
CreatePopupMenu
DestroyMenu
wsprintfW
TrackPopupMenu
MessageBoxW
CharLowerBuffW
AppendMenuW
LoadIconW
LoadCursorW
RegisterClassExW
CreateWindowExW
ShowWindow
UpdateWindow
RegisterWindowMessageW
GetMessageW
TranslateMessage
DispatchMessageW
DefWindowProcW
GetSystemMetrics
LoadImageW
GetLastActivePopup
GetCursorPos
SetForegroundWindow

gdi32

GetStockObject

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorSacl
SetSecurityInfo
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

Shell_NotifyIconW
SHGetSpecialFolderPathW
ShellExecuteW
CommandLineToArgvW

ole32

CoTaskMemFree
CoUninitialize
CoInitialize
CoCreateInstance
OleRun
StringFromIID

oleaut32

VariantInit
VariantCopy
VariantClear
VarBstrCmp
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocString
SysAllocStringLen
GetErrorInfo

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

shlwapi

PathFindFileNameW
PathFileExistsW
PathAppendW

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fdbe8935b14b1defdf52523d6da81ae1

Headers

File Characteristics

Imports

urlmon

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

version

shlwapi

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 8KB - Virtual size: 24KB

.rsrc Size: 84KB - Virtual size: 84KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 8KB - Virtual size: 24KB

.rsrc
Size: 84KB - Virtual size: 84KB