9efa4cbe5afa34332c7bcb8115c40d48f510b5d11d398b783e4b62691e5ae9ec

Sharing

Copy URL

Twitter E-mail

General

Target

9efa4cbe5afa34332c7bcb8115c40d48f510b5d11d398b783e4b62691e5ae9ec
Size

436KB
MD5

8084cedf87db02b6fa2e03ba13ee5520
SHA1

1de18e858ae688c8c6b300b64595b50ac888b7c4
SHA256

9efa4cbe5afa34332c7bcb8115c40d48f510b5d11d398b783e4b62691e5ae9ec
SHA512

7e75f81f056af2f0e72d366129bb9b0041a44b74f8cd276ad4e1274658fea388d990d6772addb6030f86786dd727cde1c7842a7babc586a33a40bd3400c7e515
SSDEEP

6144:o7McT0SwVeGDOX7gJo2TedKSvRHnUg5tYRIl7NTfqQrSUzdqTFdud2mFavIwG2UW:zcDeeyuMo2MpUgwYVZ5qRdugmF0JP

Score

N/A

Malware Config

Signatures

Files

9efa4cbe5afa34332c7bcb8115c40d48f510b5d11d398b783e4b62691e5ae9ec
.exe windows x86

51f0a3d07010aca46b7fce0aec14f667

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FatalAppExitA
GetTempPathW
InitializeCriticalSection
LCMapStringA
GetConsoleCursorInfo
lstrcmpiA
GetDateFormatA
GetCommState
SetEvent
CompareStringA
GetCompressedFileSizeW
SetCommMask
CloseHandle
OpenFile
SetMailslotInfo
lstrcmpiW
GetSystemDefaultLangID
GetTapeStatus
FileTimeToLocalFileTime
EnumDateFormatsW
LocalAlloc
IsBadWritePtr
GetShortPathNameW
LocalFileTimeToFileTime
lstrcmpA
DosDateTimeToFileTime
WriteConsoleOutputCharacterA
GetVolumeInformationW
ReadConsoleA
ReadFile
GetPrivateProfileStringW
SetErrorMode
SetFileAttributesA
LeaveCriticalSection
FlushFileBuffers
FindFirstFileA
SetThreadPriorityBoost
GetConsoleMode
AreFileApisANSI
SetCommTimeouts
CreateFileW
CreateMutexA
GlobalFree
GetFileAttributesExA
SetLastError
SetEnvironmentVariableA
FindCloseChangeNotification
WriteFile
ConnectNamedPipe
OpenMutexA
_llseek
OutputDebugStringA
WritePrivateProfileStructA
_lopen
ReleaseMutex
FreeLibraryAndExitThread
FreeEnvironmentStringsA
VirtualProtect
GetCommandLineA
GetTickCount
GetSystemDirectoryW
GlobalReAlloc
GetSystemInfo
GetFileAttributesA
lstrcpynA
FindResourceExA
CreateNamedPipeW
GetModuleFileNameW
GetNumberFormatW
WritePrivateProfileSectionW
GlobalFlags
CreateEventA
VirtualFree
GetVersionExA
lstrlenA
VirtualAlloc
EraseTape
ExitProcess

user32

DrawTextExW
keybd_event
AdjustWindowRect
CreateMenu
SetProcessWindowStation
LoadBitmapA
CountClipboardFormats
LoadMenuIndirectW

gdi32

SetMapMode
StretchDIBits

comdlg32

ChooseColorA
PrintDlgA
PageSetupDlgA
GetSaveFileNameW

advapi32

GetSidLengthRequired
CryptVerifySignatureW
DuplicateToken
GetCurrentHwProfileW
RegDeleteValueA
CreateProcessAsUserW
RegUnLoadKeyW
CryptEncrypt
GetUserNameW
RegQueryInfoKeyW
CryptHashData
AccessCheckAndAuditAlarmW

shell32

Shell_NotifyIconA
SHBrowseForFolderA
DragFinish
DragAcceptFiles

ole32

OleSetClipboard
OleRegGetUserType

oleaut32

SysFreeString
LoadTypeLibEx
VariantChangeType
VariantCopy
SysAllocStringLen
SetErrorInfo
SafeArrayGetElement

comctl32

ImageList_SetDragCursorImage
ImageList_Replace

shlwapi

PathStripToRootA
PathFindExtensionW
StrCmpW

Sections

uaesaag
Size: 336KB - Virtual size: 334KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

sagqukq
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

sksaiqs
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wiaesq
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

51f0a3d07010aca46b7fce0aec14f667

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

uaesaag Size: 336KB - Virtual size: 334KB

sagqukq Size: 4KB - Virtual size: 3KB

sksaiqs Size: 44KB - Virtual size: 40KB

wiaesq Size: 48KB - Virtual size: 44KB

uaesaag
Size: 336KB - Virtual size: 334KB

sagqukq
Size: 4KB - Virtual size: 3KB

sksaiqs
Size: 44KB - Virtual size: 40KB

wiaesq
Size: 48KB - Virtual size: 44KB