109ef9573c74a494d6f0895fca0846104674bfc681e3d8b7ab7c70a9571a60c2

Sharing

Copy URL

Twitter E-mail

General

Target

109ef9573c74a494d6f0895fca0846104674bfc681e3d8b7ab7c70a9571a60c2
Size

127KB
MD5

8441b6dfb8d8fc680af022724b7f0bb0
SHA1

b73f86c23a24769f83f5fae4afce3d555b4a7d6b
SHA256

109ef9573c74a494d6f0895fca0846104674bfc681e3d8b7ab7c70a9571a60c2
SHA512

0d93e7eeb63485a7ffef6fa0cfc0b5f4ac4699009b4d0bb49824ca5147844fdf525b1b1a434c1533670750c7e32afe946efe4f455d397bded60d99b4c4162e7c
SSDEEP

3072:/Zz/FlBHJtPzfDrcZWZuVeSdGke3ekBsoLi:B7RJlf8/AOGke3R2w

Score

N/A

Malware Config

Signatures

Files

109ef9573c74a494d6f0895fca0846104674bfc681e3d8b7ab7c70a9571a60c2
.exe windows x86

b9183a88111ff3a03855268a6f2e91b5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
lstrcmpW
GetModuleHandleW
GlobalLock
LoadResource
CreateProcessW
EnterCriticalSection
GetStartupInfoW
DeleteCriticalSection
GlobalHandle
lstrcmpiW
LeaveCriticalSection
QueryPerformanceCounter
IsProcessorFeaturePresent
VerifyVersionInfoW
GetCurrentProcess
LoadLibraryA
GlobalUnlock
ReadFile
GetCurrentThreadId
RaiseException
lstrlenW
InterlockedExchange
GetStdHandle
VerSetConditionMask
MultiByteToWideChar
InitializeCriticalSection
SetLastError
InterlockedCompareExchange
GetModuleFileNameW
GetSystemTimeAsFileTime
CompareStringW
FreeLibrary
FindResourceW
SizeofResource
TerminateProcess
CloseHandle
HeapFree
LoadLibraryExW
GetCurrentProcessId
GetLastError
FlushInstructionCache
LockResource
WaitForSingleObject
GlobalFree
GlobalAlloc
SetUnhandledExceptionFilter
SetProcessShutdownParameters
PeekNamedPipe
VirtualAlloc
GetProcAddress
GetProcessHeap
OutputDebugStringW
MulDiv
Sleep
VirtualFree
HeapAlloc
GetVersion
VirtualProtect
GetTickCount
InterlockedDecrement
InterlockedIncrement
GetComputerNameA
IsDebuggerPresent
ExitProcess

user32

MessageBoxW
CreateDialogParamW
ClientToScreen
GetPropW
IntersectRect
GetMenuItemCount
DestroyAcceleratorTable
ExitWindowsEx
DestroyIcon
SendDlgItemMessageW
SetCursor
GetActiveWindow
GetCursorPos
SetWindowRgn
IsMenu
FillRect
OffsetRect
GetClassInfoExW
GetDesktopWindow
LoadImageW
DrawFocusRect
SetWindowPos
IsIconic
GetWindowTextLengthW
SetTimer
SetRectEmpty
GetWindowTextW
GetClientRect
SetActiveWindow
PostMessageW
GetWindowRect
GetCapture
CreateDialogIndirectParamW
EnableMenuItem
GetSystemMenu
SendNotifyMessageW
FindWindowExW
GetParent
DialogBoxParamW
MapWindowPoints
SetRect
GetNextDlgTabItem
GetWindowLongW
DefWindowProcW
SetWindowLongW
DestroyWindow
FlashWindowEx
InvalidateRect
GetClipboardData
IsZoomed
GetAncestor
OpenClipboard
InvalidateRgn
SetForegroundWindow
GetDlgItem
MoveWindow
ScreenToClient
CharNextW
GetMenuItemID
AppendMenuW
CloseClipboard
GetUpdateRgn
IsWindow
GetSysColorBrush
TrackMouseEvent
UnregisterClassA
LoadCursorW
GetClassNameW
EnumDisplayMonitors
UpdateWindow
InflateRect
CreateWindowExW
ReleaseDC
IsRectEmpty
CreatePopupMenu
GetMenuState
TranslateMessage
GetSystemMetrics
GetDlgCtrlID
GetDC
IsChild
GetWindowPlacement
RegisterWindowMessageW
InsertMenuItemW
GetFocus
MessageBeep
PostQuitMessage
DrawIconEx
CallWindowProcW
GetWindow
GetMenuItemInfoW
GetMonitorInfoW
DispatchMessageW
PeekMessageW
LoadBitmapW
DrawTextW
LockWindowUpdate
IsWindowEnabled
CreateAcceleratorTableW
MonitorFromWindow
GetForegroundWindow
GetIconInfo
KillTimer
SystemParametersInfoW
CopyRect
EnableWindow
SetWindowTextW
ReleaseCapture
RedrawWindow
TrackPopupMenuEx
GetSysColor
IsWindowVisible
IsDialogMessageW
EqualRect
EndDialog
GetMessagePos
SetFocus
ShowWindow
PtInRect
CharPrevW
SetCapture
CreateMenu
SendMessageW
RegisterClassExW
GetMessageTime
EndPaint
GetKeyState
SetWindowPlacement
DestroyMenu
MonitorFromRect
BeginPaint

gdi32

BitBlt
GetTextExtentPoint32W
DeleteDC
GetStockObject
CreateCompatibleBitmap
CreateSolidBrush
SetDCPenColor
GetTextMetricsW
SetTextColor
CreateRectRgn
DeleteObject
GetDeviceCaps
CreateFontIndirectW
SetBkMode
SetBkColor
GetClipRgn
CombineRgn
GetObjectW
SetDCBrushColor
Polyline
CreateCompatibleDC
SelectObject
RectInRegion
SelectClipRgn

comdlg32

GetOpenFileNameW

advapi32

RegDeleteValueW
RegQueryValueExW
RegDeleteKeyW
RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
RegCloseKey
RegQueryInfoKeyW
RegCreateKeyExW

shell32

ExtractIconExW
ShellExecuteW

oleaut32

SysAllocStringByteLen
VariantInit
SysAllocString
SysFreeString
SysAllocStringLen
SysStringLen
GetErrorInfo
SysStringByteLen
VarUI4FromStr
LoadTypeLi
VariantClear
LoadRegTypeLi
OleCreateFontIndirect

comctl32

_TrackMouseEvent

avifil32

EditStreamClone

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9183a88111ff3a03855268a6f2e91b5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

comctl32

avifil32

Sections

.text Size: 35KB - Virtual size: 35KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 74KB - Virtual size: 133KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 35KB - Virtual size: 35KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 74KB - Virtual size: 133KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 2KB - Virtual size: 1KB