c9940854478c18fb9013152abafe3b3061f52613a9e38e8724513b508e1b48cf

Sharing

Copy URL Twitter E-mail

General

Target

c9940854478c18fb9013152abafe3b3061f52613a9e38e8724513b508e1b48cf
Size

552KB
MD5

e0247fef3465a9f630bdcb357afbd39b
SHA1

774f384c65ccee015b6326cef613111225e3499e
SHA256

c9940854478c18fb9013152abafe3b3061f52613a9e38e8724513b508e1b48cf
SHA512

0f4a9b7605efb5a49206aad49b49d6b260ea4ef3bcb517b5f2ef84f2cbfa835e677952376784adf6d7489be8e8f7eb8ecd5ebd0f2f1cd3da2d5531380cbe6f89
SSDEEP

12288:sQ4TWQvadhrOIGd6AJK0U3zhmZdmQZOwb/4XRul:sNWQvadR8siC3FwV7su

Score

N/A

Malware Config

Signatures

Files

c9940854478c18fb9013152abafe3b3061f52613a9e38e8724513b508e1b48cf
.exe windows x86

7726284ccd3cb540481200cabdd25d56

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetUserNameA
RegDeleteValueW
LookupPrivilegeDisplayNameA
RegSetValueA
RegQueryValueW
RegDeleteKeyA
CryptDuplicateKey
CryptEnumProvidersW
CreateServiceA
RegSetValueExW
RegEnumValueW
RegRestoreKeyA
RegOpenKeyExA
DuplicateTokenEx
RegCreateKeyExA
RegSetValueW
RegDeleteKeyW
ReportEventW
LookupPrivilegeNameW
RegQueryValueExW
CryptSetProviderA
RegFlushKey

user32

IsWindowUnicode
SendDlgItemMessageW
SetWindowPlacement
CreateDialogIndirectParamA
ImpersonateDdeClientWindow
GetMonitorInfoW
GetSystemMetrics
DdeInitializeW
DrawIconEx
ValidateRect
DestroyWindow
ReuseDDElParam
GetGuiResources
ShowScrollBar
EnumPropsA
GetMenuStringW
TrackPopupMenuEx
RegisterClassExA
EnumDisplaySettingsExW
CharPrevA
GetKeyboardLayoutList
RedrawWindow
LoadMenuIndirectW
SwitchDesktop
DdeCmpStringHandles
ReleaseCapture
ShowWindow
LoadAcceleratorsW
OemToCharW
IsDlgButtonChecked
BeginPaint
RegisterClassA
DdeSetUserHandle
PostThreadMessageW
GetShellWindow
FindWindowW
GetInputState
ChangeMenuA
RegisterDeviceNotificationA
GetMessagePos
DefWindowProcW
EnumWindowStationsA
GetMenu
SetProcessDefaultLayout
KillTimer
RegisterClassExW
IsCharAlphaNumericA
ScrollWindowEx
GetTitleBarInfo
GetKBCodePage
CreateWindowExW
SetWindowTextW
SetWinEventHook
EmptyClipboard
MessageBoxA
DestroyIcon
VkKeyScanA
CheckMenuItem
InternalGetWindowText
GetMessageTime
CharPrevW
GetMessageW
GetTabbedTextExtentW
SetFocus
GetKeyboardState
HideCaret
GetClassLongW
AttachThreadInput

wininet

FindFirstUrlCacheContainerA
FindFirstUrlCacheContainerW
DeleteUrlCacheGroup
FindNextUrlCacheEntryW
GopherGetLocatorTypeA
UnlockUrlCacheEntryStream
InternetDialW
RetrieveUrlCacheEntryFileW

comctl32

ImageList_GetFlags
DrawInsert
CreateToolbar
InitCommonControlsEx
ImageList_SetDragCursorImage
ImageList_EndDrag
ImageList_DragLeave
ImageList_Remove
ImageList_Create
ImageList_Replace
ImageList_DragEnter
ImageList_SetImageCount
CreateStatusWindow
ImageList_GetImageCount
_TrackMouseEvent
CreateMappedBitmap
DestroyPropertySheetPage

kernel32

UnhandledExceptionFilter
TlsAlloc
SetHandleCount
SetEnvironmentVariableA
GetEnvironmentStringsA
GetCurrentProcessId
InitializeCriticalSection
WriteFile
GetStdHandle
LoadLibraryA
SetStdHandle
GetConsoleCP
IsValidLocale
GetThreadTimes
GetUserDefaultLCID
SetConsoleCtrlHandler
lstrcpynW
WritePrivateProfileStringA
CreateFileMappingW
RtlUnwind
InterlockedDecrement
GlobalGetAtomNameW
SetFilePointer
OpenFileMappingW
GetModuleHandleA
GetCurrentThreadId
GetProcessHeap
GetCurrentProcess
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStringsW
GetACP
LCMapStringW
FreeEnvironmentStringsW
GetOEMCP
GlobalUnlock
WriteConsoleA
FreeLibrary
GetEnvironmentStrings
EnumSystemCodePagesA
DeleteCriticalSection
GetDateFormatA
GetConsoleMode
GetFileType
TlsSetValue
GetLocaleInfoA
WideCharToMultiByte
GetStringTypeA
GetTimeZoneInformation
CompareStringA
GetSystemTimeAsFileTime
RtlFillMemory
GetTimeFormatA
EnumResourceTypesW
InterlockedExchange
GetModuleFileNameA
QueryPerformanceCounter
FlushFileBuffers
HeapFree
GetStringTypeW
IsDebuggerPresent
CompareStringW
GetTickCount
GetLocaleInfoW
HeapAlloc
UnlockFile
MultiByteToWideChar
LeaveCriticalSection
ExitProcess
EnumSystemLocalesA
Sleep
CreateFileA
SetCriticalSectionSpinCount
TerminateProcess
GetConsoleOutputCP
ReadConsoleOutputCharacterA
GetCurrentThread
SetUnhandledExceptionFilter
HeapCreate
GetProcAddress
EnterCriticalSection
LCMapStringA
IsValidCodePage
InterlockedIncrement
TlsFree
CreateMutexA
TlsGetValue
GetLastError
VirtualAlloc
VirtualFree
OpenMutexA
GetCommandLineA
GetVersionExA
GetCPInfo
LoadLibraryW
HeapReAlloc
VirtualQuery
WriteConsoleW
GetStartupInfoA
SetLastError
CloseHandle
DeleteFileW
HeapDestroy
ReadFile

gdi32

EqualRgn
PolyPolyline
SetAbortProc
CreateFontIndirectA
CreateDIBSection
CreateEllipticRgnIndirect
GetMetaFileBitsEx
GetAspectRatioFilterEx
PlgBlt

Sections

.text
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7726284ccd3cb540481200cabdd25d56

Headers

File Characteristics

Imports

advapi32

user32

wininet

comctl32

kernel32

gdi32

Sections

.text Size: 160KB - Virtual size: 158KB

.rdata Size: 260KB - Virtual size: 258KB

.data Size: 112KB - Virtual size: 135KB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 160KB - Virtual size: 158KB

.rdata
Size: 260KB - Virtual size: 258KB

.data
Size: 112KB - Virtual size: 135KB

.rsrc
Size: 16KB - Virtual size: 13KB