9654a82cb420b143e071f140d852d560834e9bf44a7c6854da8405480bb6168d

Sharing

Copy URL Twitter E-mail

General

Target

9654a82cb420b143e071f140d852d560834e9bf44a7c6854da8405480bb6168d
Size

306KB
MD5

806924d73f01ee954930ef24fba71980
SHA1

cf2dd07a17ac9b17caa9aabf086ff7f26bc06160
SHA256

9654a82cb420b143e071f140d852d560834e9bf44a7c6854da8405480bb6168d
SHA512

0050127b505b6f39daf2f11f99790939daebbfc8e886745e754c4535daf815af497654bb3f3d2485e72825ad09e29bdf9f2a007d9fb1534155431b2c344ecfc9
SSDEEP

6144:DPwmvn/z6ONttxWz0UXKoojGoG0oBe19P11+MTR2ydLZxi9XoCg:DotA9Wz0EK5jGoGk9NgO2+9xiRof

Score

N/A

Malware Config

Signatures

Files

9654a82cb420b143e071f140d852d560834e9bf44a7c6854da8405480bb6168d
.exe windows x86

f9972b5f365f8aa366a0b76dae35ffc4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleHandleW
lstrcatA
GetSystemDirectoryA
BackupWrite
CallNamedPipeA
ChangeTimerQueueTimer
ClearCommError
CloseHandle
CommConfigDialogW
CompareFileTime
CreateEventW
CreateIoCompletionPort
CreateJobObjectW
CreateMutexW
CreateProcessW
CreateSemaphoreW
CreateThread
DeleteCriticalSection
EnterCriticalSection
EnumCalendarInfoA
EnumSystemLanguageGroupsA
FatalAppExitA
FileTimeToDosDateTime
FillConsoleOutputAttribute
FindFirstFileA
FindNextFileW
FindResourceExA
FoldStringA
FreeLibrary
GetBinaryType
GetComputerNameA
GetConsoleAliasW
GetConsoleAliasesLengthA
GetConsoleAliasesLengthW
GetConsoleCP
GetCurrentProcessId
GetDefaultCommConfigA
GetLocaleInfoW
GetNumberFormatW
GetNumberOfConsoleMouseButtons
GetPriorityClass
GetPrivateProfileIntA
GetPrivateProfileSectionW
GetProcessAffinityMask
GetProcessShutdownParameters
GetProcessWorkingSetSize
GetProfileSectionW
GetStartupInfoW
GetSystemInfo
GetSystemWindowsDirectoryA
GetTempFileNameW
GetThreadSelectorEntry
GetUserDefaultUILanguage
GetVersionExA
GetWriteWatch
GlobalAlloc
GlobalFindAtomW
GlobalSize
Heap32ListFirst
HeapAlloc
HeapFree
HeapReAlloc
GetModuleHandleA
InitializeCriticalSection
InterlockedIncrement
IsBadReadPtr
IsBadStringPtrA
IsBadStringPtrW
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalFree
LocalLock
LockFile
MoveFileA
MoveFileExA
OpenFileMappingA
OpenProcess
Process32FirstW
ReadConsoleInputA
ReadConsoleW
ReadFileEx
ReleaseMutex
ReplaceFileA
ReplaceFileW
RequestDeviceWakeup
ResetWriteWatch
SearchPathA
SearchPathW
SetCommBreak
SetCommMask
SetConsoleActiveScreenBuffer
SetConsoleCtrlHandler
SetConsoleTextAttribute
SetConsoleWindowInfo
SetDefaultCommConfigW
SetEvent
SetFileApisToOEM
SetLastError
SetProcessAffinityMask
SetProcessShutdownParameters
SetStdHandle
SetVolumeLabelA
SignalObjectAndWait
TerminateProcess
UnlockFile
UpdateResourceW
VerifyVersionInfoW
VirtualAlloc
VirtualFree
WaitForMultipleObjectsEx
WaitForSingleObject
WideCharToMultiByte
WriteFileGather
WriteProfileSectionA
WriteTapemark
_hwrite
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrcpyA
lstrlen
InitAtomTable
GetProcAddress

user32

PtInRect
RealGetWindowClass
RegisterWindowMessageA
RemovePropA
RemovePropW
ReplyMessage
ScreenToClient
SendDlgItemMessageW
SendMessageA
SendNotifyMessageW
SetCaretPos
SetForegroundWindow
SetLastErrorEx
SetMessageExtraInfo
SetProcessWindowStation
SetPropW
SetScrollRange
SetSysColors
SetWindowPlacement
SetWindowPos
SetWindowRgn
ShowCursor
SystemParametersInfoA
ToUnicode
UpdateWindow
WinHelpA
WinHelpW
wsprintfW
PaintDesktop
OemKeyScan
MsgWaitForMultipleObjectsEx
ModifyMenuW
MessageBeep
MapVirtualKeyExW
LoadMenuW
LoadKeyboardLayoutW
LoadImageW
LoadAcceleratorsW
LoadAcceleratorsA
IsZoomed
IsRectEmpty
IsHungAppWindow
IsCharAlphaNumericA
IsCharAlphaA
InternalGetWindowText
IMPGetIMEA
GetWindowWord
GetWindowRect
GetWindowModuleFileName
GetWindowLongW
GetWindow
GetUpdateRgn
GetSystemMenu
GetMonitorInfoA
GetMessageTime
GetMenuState
GetKeyboardLayoutList
GetKeyboardLayout
GetInputDesktop
GetClipboardViewer
GetClassNameW
GetActiveWindow
ExitWindowsEx
EnumWindowStationsW
EnumChildWindows
EndDeferWindowPos
DrawTextExW
DrawMenuBar
DispatchMessageW
DestroyMenu
DestroyCaret
DdeSetUserHandle
DdeQueryConvInfo
DdeConnectList
DdeCmpStringHandles
CreateIconFromResource
CreateDialogIndirectParamA
CopyIcon
ClipCursor
ClientToScreen
ChildWindowFromPoint
CharToOemBuffW
CharPrevA
CharNextExA
CharLowerA
ChangeClipboardChain
CallNextHookEx
BroadcastSystemMessageW
BringWindowToTop
BeginPaint
ArrangeIconicWindows
AppendMenuW
AnimateWindow
LoadIconA
CreateDesktopA

advapi32

RegOpenKeyW

shell32

WOWShellExecute
Shell_NotifyIcon
ShellExecuteW
ShellExecuteExW
ShellExecuteExA
ShellExecuteA
ShellAboutW
CheckEscapesW
DoEnvironmentSubstW
DragAcceptFiles
DragFinish
DragQueryFile
DragQueryFileA
DragQueryPoint
ShellAboutA
ExtractAssociatedIconA
ExtractAssociatedIconExA
ExtractAssociatedIconExW
ExtractAssociatedIconW
ExtractIconA
ExtractIconEx
FindExecutableA
SHAddToRecentDocs
SHBindToParent
SHBrowseForFolder
SHBrowseForFolderA
SHChangeNotify
SHCreateDirectoryExA
SHCreateProcessAsUserW
SHEmptyRecycleBinA
SHEmptyRecycleBinW
SHFileOperation
SHFileOperationA
SHFileOperationW
SHFreeNameMappings
SHGetDataFromIDListA
SHGetDiskFreeSpaceA
SHGetDiskFreeSpaceExW
SHGetFileInfo
SHGetFileInfoW
SHGetFolderLocation
SHGetFolderPathW
SHGetIconOverlayIndexW
SHGetInstanceExplorer
SHGetMalloc
SHGetPathFromIDListA
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
SHInvokePrinterCommandA
SHInvokePrinterCommandW
SHLoadInProc
SHPathPrepareForWriteA
SHPathPrepareForWriteW

shlwapi

StrChrA
StrChrW
StrCmpNIW
StrCmpNW
StrRChrIW
StrRStrIA
StrRStrIW
StrStrIA
StrStrA

Sections

.text
Size: 286KB - Virtual size: 286KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9972b5f365f8aa366a0b76dae35ffc4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

shlwapi

Sections

.text Size: 286KB - Virtual size: 286KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 424B

.data2 Size: 512B - Virtual size: 200B

.data3 Size: 512B - Virtual size: 200B

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 286KB - Virtual size: 286KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 424B

.data2
Size: 512B - Virtual size: 200B

.data3
Size: 512B - Virtual size: 200B

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 2KB