f9a91520f5c56bbfd0760da6952ad3390d536a95404cea083d2b7dd5d47546b6

Sharing

Copy URL Twitter E-mail

General

Target

f9a91520f5c56bbfd0760da6952ad3390d536a95404cea083d2b7dd5d47546b6
Size

165KB
MD5

5802f68571efd6c6f95b8e85850fb940
SHA1

01280b8e3c282fe1f550cf9095a00aa8957dd328
SHA256

f9a91520f5c56bbfd0760da6952ad3390d536a95404cea083d2b7dd5d47546b6
SHA512

09842ed574b82881430b0e5d55f196437325c23d39b6f0cf1e690896eeea9d44fb96832ccd89fffd453eaf11bfb7219311b04f620c3a09eaa8ea2144065d3ca3
SSDEEP

3072:/GD6cBpBinWmHLlgvTTU0JEWfGk7vSXGXqH1mCf9hF/w3DdfFdJYe2uZl+Ny6q4p:/G2cBzSlsTT7sk7vSXKqVmkW3vT8Nyjs

Score

N/A

Malware Config

Signatures

Files

f9a91520f5c56bbfd0760da6952ad3390d536a95404cea083d2b7dd5d47546b6
.exe windows x86

f7cfd9dfe88b37fd381679ee6a689523

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowsHookExA
CreateWindowExA
GetClipboardData
GetWindowLongW
OpenWindowStationA
DrawStateA
GetClientRect
CharNextA
OpenInputDesktop
LoadMenuA
LoadImageW
IsCharAlphaA
FillRect
CreateDialogParamA
ScreenToClient
MapVirtualKeyW
GetNextDlgGroupItem
GetSystemMetrics
GetMenuStringA
GetCapture
ActivateKeyboardLayout
InSendMessage
DialogBoxIndirectParamA
CreateWindowExW
IsWindow
GetClassLongW
GetGuiResources
CallWindowProcW
mouse_event
SetScrollInfo
SetProcessDefaultLayout
CheckDlgButton
DefWindowProcA
TranslateAcceleratorA
ReleaseDC
GetClassNameW
GetWindowLongA
InvalidateRect
TranslateMessage
IsDialogMessageA
CharLowerW
EnumWindowStationsA
MessageBeep
GetThreadDesktop
SendDlgItemMessageA
DestroyWindow
WinHelpW
OemToCharBuffA
UnionRect

gdi32

CreateFontIndirectA
TextOutA
PlayMetaFileRecord
GetTextMetricsW

ole32

CoInitialize

ntdll

_allshl
_allmul
_aulldiv

Exports

Exports

?BiletoadalaekivaDuradam@@YGGPCDPCIUtagBITMAP@@N@Z

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Rhospa
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Khetby
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bosen
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Cohooy
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7cfd9dfe88b37fd381679ee6a689523

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

ole32

ntdll

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 64KB

.data Size: 9KB - Virtual size: 9KB

.Rhospa Size: 11KB - Virtual size: 10KB

.edata Size: 13KB - Virtual size: 12KB

.Khetby Size: 16KB - Virtual size: 15KB

.bosen Size: 12KB - Virtual size: 11KB

.rsrc Size: 12KB - Virtual size: 11KB

.Cohooy Size: 16KB - Virtual size: 15KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 64KB - Virtual size: 64KB

.data
Size: 9KB - Virtual size: 9KB

.Rhospa
Size: 11KB - Virtual size: 10KB

.edata
Size: 13KB - Virtual size: 12KB

.Khetby
Size: 16KB - Virtual size: 15KB

.bosen
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 12KB - Virtual size: 11KB

.Cohooy
Size: 16KB - Virtual size: 15KB

.reloc
Size: 10KB - Virtual size: 9KB