9fb8d5d6af818a76ea3b97782254d7d7d4abc0bc646cc7012ca82450dce85013

Sharing

Copy URL

Twitter E-mail

General

Target

9fb8d5d6af818a76ea3b97782254d7d7d4abc0bc646cc7012ca82450dce85013
Size

852KB
MD5

0ced7ab28d89c5f97bbda05cee6ca740
SHA1

f485babd71fcf615ec2ed0b7ac7db6f6de79a569
SHA256

9fb8d5d6af818a76ea3b97782254d7d7d4abc0bc646cc7012ca82450dce85013
SHA512

29d6a4f678b626549e6e93fd13606f1bc782baac31d3e4824d75bea1977f37017e100bbd2f879ea372b564821fe178028a879f2ce846651675a8e1705912f5cc
SSDEEP

24576:fDBjQ8/ZtobzrKknhGUFVmo6rvNjsFZp:ljBZubzrKknZ6v5js

Score

N/A

Malware Config

Signatures

Files

9fb8d5d6af818a76ea3b97782254d7d7d4abc0bc646cc7012ca82450dce85013
.exe windows x86

908cb1e1dc84a3c7231f435299f5da31

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

wtsapi32

WTSSetUserConfigA
WTSRegisterSessionNotification
WTSSendMessageA
WTSQueryUserConfigA
WTSSetSessionInformationA
WTSCloseServer
WTSUnRegisterSessionNotification
WTSVirtualChannelRead
WTSQuerySessionInformationA
WTSWaitSystemEvent
WTSVirtualChannelOpen
WTSEnumerateSessionsA
WTSEnumerateServersA
WTSQueryUserToken
WTSVirtualChannelClose
WTSOpenServerA
WTSVirtualChannelWrite

uxtheme

GetThemeColor
GetWindowTheme
GetThemeSysSize
GetThemeInt
CloseThemeData
GetThemeEnumValue
GetThemeFont
DrawThemeBackground
GetThemeTextMetrics
IsThemeActive
SetWindowTheme
OpenThemeData

ntshrui

IsPathSharedW
GetLocalPathFromNetResourceA

msasn1

ASN1BERDecCharString
ASN1BERDecCheck
ASN1BERDecNull
ASN1BERDecBool
ASN1BERDecEoid

kernel32

FindResourceA
lstrcpynA
ConnectNamedPipe
GetSystemTime
CreateMutexA
FoldStringA
DisconnectNamedPipe
InterlockedExchange
lstrcmpA
CompareStringA
GetDriveTypeA
SetFileAttributesA
FileTimeToSystemTime
VirtualQueryEx
QueryDosDeviceA
GetModuleHandleA
CreatePipe
GetProcessHeap
GetEnvironmentVariableA
CreateEventA
CreateSemaphoreA
CreateNamedPipeA
lstrcmpiA
CreateMailslotA
ReadFile
SetCurrentDirectoryA
GetVolumePathNameA
OpenMutexA
GetFileSize
GetCurrentDirectoryA
PurgeComm
InterlockedDecrement
GetProcAddress
GetMailslotInfo
FileTimeToLocalFileTime
GetModuleFileNameA
CreateTimerQueue
CopyFileA
GetLogicalDrives
GetDiskFreeSpaceA
GetLongPathNameA
CloseHandle
GetFullPathNameA
FormatMessageA

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 798KB - Virtual size: 798KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdata
Size: 5KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

908cb1e1dc84a3c7231f435299f5da31

Headers

File Characteristics

Imports

wtsapi32

uxtheme

ntshrui

msasn1

kernel32

Sections

.text Size: 48KB - Virtual size: 48KB

.data Size: 798KB - Virtual size: 798KB

.bdata Size: 5KB - Virtual size: 1.4MB

.text
Size: 48KB - Virtual size: 48KB

.data
Size: 798KB - Virtual size: 798KB

.bdata
Size: 5KB - Virtual size: 1.4MB