91c9e06e0ff399a4eff06cbd2a5512a6144af70de685a26239b02194412faa28

Sharing

Copy URL

Twitter E-mail

General

Target

91c9e06e0ff399a4eff06cbd2a5512a6144af70de685a26239b02194412faa28
Size

92KB
MD5

6ecf287cf8d64e1efb5282166ca5c848
SHA1

44c04b9927d0ff82901205d53e274369a1dbcdc5
SHA256

91c9e06e0ff399a4eff06cbd2a5512a6144af70de685a26239b02194412faa28
SHA512

a591ce0eee936f947b06fbca22e145137ce7745c12a7f46dd380f2898bc9f7c8d9707a55a4562911f10336ebe0a5399cf9dbdc8addb0b32aa1c75e6bcdbf4418
SSDEEP

1536:oDk2FTfrEMFyWXHuQlrYesejnPRq5xemr7kwTmB5j/+mQ8L8Ev:oDk0rhFTXuQegnPyecgw6B5D+mZL82

Score

N/A

Malware Config

Signatures

Files

91c9e06e0ff399a4eff06cbd2a5512a6144af70de685a26239b02194412faa28
.exe windows x86

bbe50c736d38300e4f4288101e19a7c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoCreateInstance
OleInitialize

kernel32

CreateJobObjectW
SetFilePointer
GetPrivateProfileSectionNamesW
ResumeThread
GetPrivateProfileStringW
Sleep
lstrcpyA
MoveFileExW
GetCurrentProcessId
CreateProcessW
lstrcpyW
CreateProcessA
TerminateJobObject
lstrcmpiW
GetTickCount
GetCommandLineW
GetCurrentProcess
TerminateProcess
lstrcmpA
SetFileAttributesW
ExitProcess
SetErrorMode
SetUnhandledExceptionFilter
FindFirstFileW
FindNextFileW
FindClose
GetVolumeInformationA
GetProcAddress
TerminateThread
GetWindowsDirectoryW
lstrcmpW
MoveFileW
GetVersionExW
ExitThread
WaitForMultipleObjects
ExpandEnvironmentStringsW
EnterCriticalSection
GetPrivateProfileIntW
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleFileNameW
OpenProcess
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
CreateFileMappingA
GetEnvironmentVariableW
GetCurrentThreadId
ProcessIdToSessionId
WTSGetActiveConsoleSessionId
WritePrivateProfileStringW
CreateThread
CloseHandle
DeleteFileW
GlobalAlloc
lstrcatW
GetLastError
FormatMessageW
GetModuleHandleA
lstrcatA
GetFileAttributesW
CreateFileW
LocalAlloc
lstrlenA
GetTempPathW
VirtualAlloc
WriteFile
lstrlenW
VirtualFree
ReadFile
CreateDirectoryW
lstrcmpiA
LoadLibraryA
GlobalUnlock
GetTempFileNameW
AssignProcessToJobObject
CopyFileW
GetFileSize
LocalFree
lstrcpynW
GlobalLock
WaitForSingleObject

user32

ScreenToClient
SendMessageTimeoutA
SendMessageTimeoutW
GetWindowRect
PostMessageW
GetKeyboardLayoutList
GetProcessWindowStation
GetDesktopWindow
GetUserObjectInformationW
EnumDisplayDevicesW
GetThreadDesktop
GetSystemMetrics
MonitorFromWindow
ToAscii
SetForegroundWindow
PtInRect
OpenDesktopW
MenuItemFromPoint
HiliteMenuItem
ActivateKeyboardLayout
PrintWindow
BringWindowToTop
GetTopWindow
CreateDesktopW
SetWindowLongA
VkKeyScanExA
GetKeyboardState
GetMenuItemCount
SetActiveWindow
SetWindowPos
GetDC
GetMenu
GetWindow
WindowFromPoint
GetWindowPlacement
IsWindow
GetKeyboardLayout
MoveWindow
SetFocus
LoadKeyboardLayoutA
SystemParametersInfoA
GetParent
GetMessageW
DispatchMessageA
IsWindowVisible
SendMessageW
SetThreadDesktop
ShowWindow
GetWindowLongA
TranslateMessage
GetWindowTextW
OemToCharA
GetClassNameW
GetDlgItem
SetWinEventHook
CharLowerA
UnhookWinEvent
GetWindowThreadProcessId
FindWindowExW
PostMessageA
wsprintfA
FindWindowW
EnumDesktopWindows
OpenClipboard
wvsprintfW
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
IsClipboardFormatAvailable
wvsprintfA

gdi32

SelectObject
CreateCompatibleBitmap
DeleteDC
CreatePen
Rectangle
GetDIBits
BitBlt
DeleteObject
CreateSolidBrush
CreateCompatibleDC

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegQueryValueA
RegSetValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteValueW
RegSetValueExW
GetTokenInformation
OpenProcessToken
GetSidSubAuthority
GetSidSubAuthorityCount

shell32

SHGetFolderPathW
ShellExecuteW

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bbe50c736d38300e4f4288101e19a7c6

Headers

DLL Characteristics

File Characteristics

Imports

ole32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 54KB - Virtual size: 54KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 5KB - Virtual size: 20KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 54KB - Virtual size: 54KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 5KB - Virtual size: 20KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 4KB