9b56c9910dc662a5fde1e2ef93736f12b19ae0b3c33a1a24ea8332feaa26e14f

Sharing

Copy URL Twitter E-mail

General

Target

9b56c9910dc662a5fde1e2ef93736f12b19ae0b3c33a1a24ea8332feaa26e14f
Size

1.2MB
MD5

407e8fca15bcdc3126704e59a1f3c380
SHA1

bf9cc2ea10b3c7f580ad9b5ece20454a1cca5559
SHA256

9b56c9910dc662a5fde1e2ef93736f12b19ae0b3c33a1a24ea8332feaa26e14f
SHA512

937c405c5cee9c75b832098a17d82527256028fa43837c6fcfc596fa03628f06b2278a140007e50f6e378adb49028fbdd7d89721fec7d7755e69a7ae81d2d15f
SSDEEP

12288:GHGFkSEyKsH7Vwn679AbGT2h2/5t3Gg4glOUBLKnOqX2s:YGFkSEyKsBwuWGT2h2/FPTBLGh7

Score

N/A

Malware Config

Signatures

Files

9b56c9910dc662a5fde1e2ef93736f12b19ae0b3c33a1a24ea8332feaa26e14f
.exe windows x86

6d079c2e55dac251c8af219bda72242a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

GetTempFileNameW
GetTempPathW
lstrcmpiW
GetCommandLineW
GetDiskFreeSpaceExW
SetEnvironmentVariableW
GetEnvironmentVariableW
LocalFree
FindClose
FindFirstFileW
CreateThread
GetModuleFileNameW
GetVersionExW
CompareStringW
CompareStringA
GetFullPathNameA
GetDriveTypeA
ReadFile
SetEndOfFile
DeleteFileW
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
GetLocaleInfoW
GetLocaleInfoA
HeapSize
LCMapStringW
LCMapStringA
GetTimeZoneInformation
CreateFileA
CloseHandle
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
MultiByteToWideChar
IsValidCodePage
CreateDirectoryW
GetCurrentProcess
Sleep
CreateProcessW
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleW
lstrlenW
LoadLibraryW
GetLastError
IsValidLocale
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
GetSystemTimeAsFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
HeapFree
GetFileAttributesW
GetModuleHandleA
ExitProcess
HeapAlloc
GetCommandLineA
GetVersionExA
GetProcessHeap
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
GetFullPathNameW
GetCurrentDirectoryA
SetCurrentDirectoryA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
GetModuleFileNameA
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
SetEnvironmentVariableA

user32

GetSystemMetrics
MessageBoxW
LoadStringW
CharLowerBuffW
SendMessageW
SendNotifyMessageW
CreateWindowExW
BeginPaint
PeekMessageW
MsgWaitForMultipleObjects
InvalidateRect
RegisterClassW
LoadBitmapW
ShowWindow
SetWindowPos
UpdateWindow
FindWindowW
DefWindowProcW
RegisterClassExW

shell32

CommandLineToArgvW
SHFileOperationW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

gdi32

Rectangle
DeleteObject
DPtoLP
CreateCompatibleDC
SelectObject
GetMapMode
SetMapMode
BitBlt
DeleteDC
GetObjectW
CreatePen

shlwapi

StrCmpNW
StrDupW
StrRChrW
StrChrW

Exports

Exports

?setup_build_date@@3PBDB
?setup_version@@3PBDB

Sections

.text
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6d079c2e55dac251c8af219bda72242a

Headers

File Characteristics

Imports

kernel32

user32

shell32

version

gdi32

shlwapi

Exports

Exports

Sections

.text Size: 132KB - Virtual size: 128KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.text
Size: 132KB - Virtual size: 128KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB