9f9786e215d024cd403771e25c9fa995c4975a2d778c11472cd1279388e950a6

Sharing

Copy URL Twitter E-mail

General

Target

9f9786e215d024cd403771e25c9fa995c4975a2d778c11472cd1279388e950a6
Size

347KB
MD5

9349f30ff87420225752e1703bde4f80
SHA1

44574a56d86fe14d8e0ab446e3e17aeb04fdd53f
SHA256

9f9786e215d024cd403771e25c9fa995c4975a2d778c11472cd1279388e950a6
SHA512

9e3b0701a410a94ae97be23d49fbfa0d2ee464f7f7e4e259f671479ccd7aa4fa9603caa24f6bc5f4c19a0b387ee6be05ef926af8a460dcc754e4edbab0102c09
SSDEEP

6144:3N7BusRF6AWRZBVKW1UBizYdERuADFhoJnv8aHqMvlHkUb4svaGF2dHO7vfr42uN:3N7BusRZeZBVdC3WgkToJv8aHJNE0AGQ

Score

N/A

Malware Config

Signatures

Files

9f9786e215d024cd403771e25c9fa995c4975a2d778c11472cd1279388e950a6
.exe windows x86

5b901153c45f2d2168f0fb5c1bf155cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CompareFileTime
CompareStringA
CompareStringW
CopyFileA
CopyFileW
CreateDirectoryA
CreateDirectoryW
CreateEventA
CreateEventW
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateMutexA
CreateMutexW
CreateThread
DebugBreak
DeleteCriticalSection
DeleteFileA
DeleteFileW
DeviceIoControl
EnterCriticalSection
ExitProcess
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceA
FindResourceW
FlushFileBuffers
FreeLibrary
GetACP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetDateFormatW
GetDriveTypeA
GetDriveTypeW
GetExitCodeThread
GetFileAttributesA
GetFileAttributesExA
GetFileAttributesExW
GetFileAttributesW
GetFileSize
GetFileType
GetFullPathNameA
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoA
GetLongPathNameA
GetLongPathNameW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetPrivateProfileStringA
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetShortPathNameA
GetStartupInfoW
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetSystemDirectoryA
GetTempFileNameW
GetTempPathA
GetThreadLocale
GetTickCount
GetUserDefaultLCID
GetVersion
GetVersionExA
GetVersionExW
GetVolumeInformationW
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalSize
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadWritePtr
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LockResource
MapViewOfFile
MultiByteToWideChar
QueryDosDeviceA
QueryDosDeviceW
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseMutex
SetEndOfFile
SetErrorMode
SetEvent
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetLastError
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SystemTimeToFileTime
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpiA
lstrcmpiW
lstrcpyA
lstrcpynW
lstrlenA
lstrlenW
lstrcatA
CreateFileA
GetTempFileNameA
VirtualAlloc

user32

LoadIconA
LoadIconW

gdi32

GetStockObject

advapi32

RegOpenKeyW

shell32

SHFileOperationA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

StringFromIID
StringFromGUID2
StringFromCLSID
PropVariantCopy
PropVariantClear
OleSaveToStream
OleLoadFromStream
GetHGlobalFromStream
CreateStreamOnHGlobal
CoUnmarshalInterface
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoReleaseMarshalData
CoMarshalInterface
CoMarshalInterThreadInterfaceInStream
CoInitializeEx
CoGetMalloc
CoGetInterfaceAndReleaseStream
CoCreateInstance
CoCreateGuid
CoCreateFreeThreadedMarshaler
CLSIDFromString

shlwapi

PathRemoveBackslashW
PathGetCharTypeW
UrlCombineW
PathUndecorateW
PathRemoveFileSpecW
PathGetCharTypeA

msvcrt

wcsncmp
wcslen
wcscspn
wcscpy
wcsncpy
wcschr
wcscat
towupper
towlower
toupper
swscanf
swprintf
strncpy
strchr
srand
realloc
rand
wcspbrk
wcsrchr
wcsspn
wcsstr
wcstombs
wcstoul
wcscmp
_CIpow
_XcptFilter
__CxxFrameHandler
__dllonexit
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
_adjust_fdiv
_beginthreadex
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_ftol
_initterm
_onexit
_purecall
_snwprintf
_stricmp
_strnicmp
_ultow
_vsnprintf
_vsnwprintf
_wcmdln
_wcsicmp
_wcsnicmp
_wcsupr
_wtoi
_wtoi64
_wtol
abs
atoi
atol
bsearch
ceil
exit
floor
free
isdigit
isspace
iswalnum
iswascii
iswcntrl
iswdigit
iswspace
isxdigit
malloc
memcmp
memcpy
memmove
memset
qsort

Sections

.text
Size: 340KB - Virtual size: 339KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b901153c45f2d2168f0fb5c1bf155cd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

msvcrt

Sections

.text Size: 340KB - Virtual size: 339KB

.data Size: 1024B - Virtual size: 708B

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 340KB - Virtual size: 339KB

.data
Size: 1024B - Virtual size: 708B

.rsrc
Size: 5KB - Virtual size: 5KB