96b165b99732af8ba9dcc02189a8dd1226ad046356883761913fd9928a28e3df

Sharing

Copy URL Twitter E-mail

General

Target

96b165b99732af8ba9dcc02189a8dd1226ad046356883761913fd9928a28e3df
Size

820KB
MD5

4cfd7b25a572c15e8d966fd1912f8d74
SHA1

4a2a55c652d2bd4e3fbf1ef3ead3a92e65ca27ed
SHA256

96b165b99732af8ba9dcc02189a8dd1226ad046356883761913fd9928a28e3df
SHA512

e009a7138b0c9389fd68165a9bf9fb0364cb46a56215df356fc73fb96182f0046037c1b479b9325622619aabf5334fcdf39ef1d9516ba7857e531266717a64de
SSDEEP

24576:2omnag+rh40o+I67qF9H3mlnWlCca1voSg:2Hag++0xI6W9X2Wocap

Score

N/A

Malware Config

Signatures

Files

96b165b99732af8ba9dcc02189a8dd1226ad046356883761913fd9928a28e3df
.exe windows x86

f9a325f2798dfdfe2a3981cc12026bb0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegQueryValueW
LookupPrivilegeNameW
RegReplaceKeyA
InitiateSystemShutdownW

comctl32

ImageList_DrawEx
ImageList_GetImageInfo
ImageList_DragEnter
DestroyPropertySheetPage
ImageList_DragLeave
ImageList_SetFlags
CreateMappedBitmap
ImageList_BeginDrag
DrawStatusText
InitMUILanguage
InitCommonControlsEx
ImageList_Draw
ImageList_DragShowNolock

user32

GetMenuItemCount
GetListBoxInfo
CallNextHookEx
CheckMenuRadioItem
GetWindowThreadProcessId
IntersectRect
EnumDesktopWindows
DdeAddData
DlgDirSelectComboBoxExW
RegisterClassA
AdjustWindowRectEx
SetDebugErrorLevel
GetGUIThreadInfo
UnhookWinEvent
InvalidateRgn
CreateAcceleratorTableA
PostQuitMessage
CopyAcceleratorTableW
DlgDirListComboBoxA
GetWindowModuleFileNameA
DefMDIChildProcA
DefWindowProcA
ClientToScreen
GetMessageA
DdeUninitialize
IsWindowVisible
GetKeyState
RegisterClassExA
WINNLSEnableIME
DestroyWindow
GetWindowContextHelpId
MessageBoxA
SetWinEventHook
ShowWindow
RegisterDeviceNotificationW
CreateWindowExA
GetClassNameW
MoveWindow
TranslateAcceleratorA
MapDialogRect
DrawStateA
CharUpperA
SetDoubleClickTime
GetMessageExtraInfo
DdeDisconnectList
CopyAcceleratorTableA
DispatchMessageA
DdeNameService
TranslateAcceleratorW
GetGuiResources
DdeQueryNextServer
GetUserObjectInformationA
CreateWindowExW
DialogBoxParamA
IsWindowEnabled
DefMDIChildProcW

kernel32

CreateFileA
CompareStringA
RtlUnwind
WideCharToMultiByte
GetStringTypeA
GetTimeFormatA
TransactNamedPipe
CreateNamedPipeW
InterlockedExchange
InterlockedCompareExchange
LCMapStringA
GetStartupInfoW
CreateMutexA
LeaveCriticalSection
GetDateFormatA
GetTickCount
WriteConsoleA
VirtualAlloc
InterlockedIncrement
IsDebuggerPresent
HeapAlloc
WaitForMultipleObjects
ReadFile
GetTimeZoneInformation
SetLastError
GetCurrentProcessId
DeleteFileW
GetEnvironmentStringsW
CreateEventW
GetStartupInfoA
HeapSize
GetCPInfo
GetLastError
GetConsoleCP
QueryPerformanceCounter
VirtualQuery
WriteConsoleW
GetCommandLineA
FreeEnvironmentStringsW
LoadLibraryA
SetHandleCount
GetStringTypeW
TerminateProcess
GetSystemTimeAsFileTime
GetUserDefaultLCID
SetConsoleCtrlHandler
IsValidLocale
InitializeCriticalSection
SetStdHandle
TlsFree
GetCommandLineW
lstrcmpiA
HeapCreate
EnumSystemLocalesA
DeleteCriticalSection
LocalShrink
FlushFileBuffers
VirtualFree
GetCurrentThread
GetVersionExA
FreeEnvironmentStringsA
GetModuleFileNameA
HeapFree
SetConsoleTitleA
GetStdHandle
GetFileType
GetEnvironmentStrings
ConvertDefaultLocale
IsValidCodePage
TlsSetValue
WriteFile
GetModuleFileNameW
GetUserDefaultLangID
GetModuleHandleA
FreeLibrary
GetCurrentThreadId
TlsGetValue
GetACP
Sleep
GetFileAttributesW
InterlockedDecrement
CompareStringW
MultiByteToWideChar
SetFilePointer
GetProcessHeap
EnterCriticalSection
GetLocaleInfoW
OpenMutexA
SetEnvironmentVariableA
CloseHandle
UnmapViewOfFile
HeapReAlloc
GetCurrentProcess
GetConsoleMode
HeapDestroy
LCMapStringW
GetProcAddress
GetOEMCP
LocalReAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
ExitProcess
GetConsoleOutputCP
TlsAlloc
LoadLibraryW
GetLocaleInfoA

Sections

.text
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 408KB - Virtual size: 407KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9a325f2798dfdfe2a3981cc12026bb0

Headers

File Characteristics

Imports

advapi32

comctl32

user32

kernel32

Sections

.text Size: 232KB - Virtual size: 229KB

.rdata Size: 408KB - Virtual size: 407KB

.data Size: 140KB - Virtual size: 137KB

.rsrc Size: 36KB - Virtual size: 34KB

.text
Size: 232KB - Virtual size: 229KB

.rdata
Size: 408KB - Virtual size: 407KB

.data
Size: 140KB - Virtual size: 137KB

.rsrc
Size: 36KB - Virtual size: 34KB