9e5a01eb6dac841c1c8cc334c89833cb5715b03f55981fb46a8868aedd972727

Sharing

Copy URL

Twitter E-mail

General

Target

9e5a01eb6dac841c1c8cc334c89833cb5715b03f55981fb46a8868aedd972727
Size

95KB
MD5

a38cb3a7c8f413b5a853d5c9d21751a0
SHA1

61cbe1bd8c8d10be2331ca7de19f69868e8975c3
SHA256

9e5a01eb6dac841c1c8cc334c89833cb5715b03f55981fb46a8868aedd972727
SHA512

9a1909c1e90808e99a146c33f0f0a08200a46e0c19ad7f82da9cb6cb1a6018a5d4303f97ce381b84904b242c72467c523a6c4eb82e47cd8574f87d6380faee4e
SSDEEP

1536:WYTfkFNqYaSWbTAuC6hgo/3qCCHT2n94aLkIDLxzxoUjSHtgI71:pTfkFN2SWbTAuCPWqJHT2n94abplTjSv

Score

N/A

Malware Config

Signatures

Files

9e5a01eb6dac841c1c8cc334c89833cb5715b03f55981fb46a8868aedd972727
.exe windows x86

4ae4923e5d63909d2a3ffdd916ca6d0e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetFileInformationByHandle
HeapReAlloc
GetStringTypeW
LCMapStringW
Sleep
SetEnvironmentVariableA
MultiByteToWideChar
CompareStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
GetLastError
InitializeCriticalSection
GetProcessHeap
GetCommandLineW
HeapAlloc
HeapSize
ExitProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetProcAddress
GetModuleHandleW
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
IsProcessorFeaturePresent
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
WriteFile
GetStdHandle

user32

GetUpdateRgn
LoadStringA
LoadBitmapA
GetParent
LoadIconA
ScrollDC
GetWindowLongA
EnableMenuItem
SetClassLongA
EnumWindowStationsW
RegisterClassW
IsWindowVisible
UpdateWindow
LoadCursorA
SendDlgItemMessageA

gdi32

DeleteObject
CreateRectRgn
CreatePatternBrush
GetStockObject
SetPixel

advapi32

GetUserNameA

shell32

SHGetFolderLocation
CommandLineToArgvW
ord155
SHGetFileInfoW
SHGetFileInfoA

shlwapi

PathFileExistsW

oleacc

GetStateTextA

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ae4923e5d63909d2a3ffdd916ca6d0e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

oleacc

Sections

.text Size: 37KB - Virtual size: 36KB

.rdata Size: 33KB - Virtual size: 33KB

.data Size: 9KB - Virtual size: 18KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 37KB - Virtual size: 36KB

.rdata
Size: 33KB - Virtual size: 33KB

.data
Size: 9KB - Virtual size: 18KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 7KB - Virtual size: 6KB