c9294dc38edfacb2353096e5a559f9138ad84e48fcf7e9d1f6a20fc6b75e4ec8

Sharing

Copy URL

Twitter E-mail

General

Target

c9294dc38edfacb2353096e5a559f9138ad84e48fcf7e9d1f6a20fc6b75e4ec8
Size

656KB
MD5

a1a022cebf0d3aed2ba9fb24f5022a00
SHA1

256f1265dab240960a4c064644fa7f425339ba41
SHA256

c9294dc38edfacb2353096e5a559f9138ad84e48fcf7e9d1f6a20fc6b75e4ec8
SHA512

1d4f11686653dc99513e10298ebf8af7952c03608ceb00fbc68d5d707ab0d8984e0db86d2830d47a45e68ef1bd5b9227d6360309293c4fd812775b230e1548e9
SSDEEP

12288:I/qjxBVr5VV9ohwNxc1b76jZ58o5sBJQynEI+3z/Q66Sac:Xrj38oSB01U66SX

Score

N/A

Malware Config

Signatures

Files

c9294dc38edfacb2353096e5a559f9138ad84e48fcf7e9d1f6a20fc6b75e4ec8
.exe windows x86

40bba69786a46576fd8ea2fa82dd64f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
lstrlenA
GetLastError
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
InterlockedIncrement
lstrlenW
InterlockedDecrement
QueryPerformanceCounter
QueryPerformanceFrequency
SetThreadAffinityMask
Sleep
FileTimeToSystemTime
WaitForMultipleObjectsEx
ResetEvent
GetCurrentProcess
WriteFile
CopyFileW
SetEndOfFile
FreeLibrary
GetProcAddress
SetFilePointer
SystemTimeToTzSpecificLocalTime
CreateDirectoryW
FlushFileBuffers
GetFileAttributesExW
MoveFileW
LoadLibraryW
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
OutputDebugStringA
LocalFree
GetCommandLineA
GetModuleFileNameA
GetSystemDirectoryW
GetSystemDirectoryA
GetVolumeInformationA
FormatMessageA
GetExitCodeThread
RaiseException
GetLocalTime
CancelIo
WideCharToMultiByte
CreateFileA
VirtualAlloc
GetOEMCP
VirtualFree
GetUserDefaultLCID
GetModuleHandleW
GlobalAlloc
GlobalFree
DeviceIoControl
FlushViewOfFile
GetOverlappedResult
OpenMutexW
CreateMutexW
GetTempPathW
GetPrivateProfileIntW
SetCurrentDirectoryW
GetVersionExW
GetCurrentThread
GetThreadLocale
GetLocaleInfoA
GetACP
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
InterlockedExchange
UnhandledExceptionFilter
IsDebuggerPresent
GetFileAttributesW
Process32FirstW
CreateEventW
LoadResource
TerminateProcess
CreateFileW
LockResource
Process32NextW
FindResourceW
FindResourceExW
GetSystemTimeAsFileTime
ExitThread
CreateThread
GetTimeFormatA
GetDateFormatA
GetStartupInfoW
RtlUnwind
GetModuleHandleA
ExitProcess
LCMapStringA
LCMapStringW
GetCPInfo
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
DeleteFileW
SetLastError
ReadFile
GetFileSize
WritePrivateProfileStringW
SizeofResource
GetTickCount
MulDiv
SetEvent
VirtualQuery
CreateFileMappingW
GetProcessHeap
IsBadWritePtr
CreateToolhelp32Snapshot
HeapFree
Thread32First
SetUnhandledExceptionFilter
UnmapViewOfFile
MapViewOfFile
HeapAlloc
GetCurrentThreadId
GetCommandLineW
CreateProcessW
GetCurrentProcessId
WaitForSingleObject
OpenThread
GetPrivateProfileStringW
ResumeThread
SuspendThread
GetModuleFileNameW
Thread32Next
CloseHandle
SetEnvironmentVariableA
ReadFileEx
HeapCreate
IsValidCodePage
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
CompareStringW
CompareStringA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
LoadLibraryA
IsValidLocale
EnumSystemLocalesA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA

user32

PostThreadMessageW
GetClientRect
SetTimer
UnregisterClassA
KillTimer
DestroyWindow
SetWindowTextW
SetWindowPos
BringWindowToTop
SetCursor
RegisterClassExW
EndPaint
GetWindowLongW
LoadBitmapW
GetSystemMetrics
SendMessageW
CreateWindowExW
DefWindowProcW
LoadIconW
GetWindowThreadProcessId
PostQuitMessage
InvalidateRect
UpdateWindow
EnableWindow
AttachThreadInput
MoveWindow
BeginPaint
GetForegroundWindow
PostMessageW
SetForegroundWindow
LoadCursorW
FillRect
ShowWindow
GetMessageW
TranslateMessage
DispatchMessageW
SetWindowLongW

gdi32

DeleteObject
LineTo
CreateSolidBrush
MoveToEx
CreateFontW
DeleteDC
SelectObject
TextOutW
BitBlt
GetTextExtentPointW
SetBkMode
CreateCompatibleBitmap
SetTextColor
CreateCompatibleDC
CreatePen
GetTextColor
GetDeviceCaps

advapi32

GetNamedSecurityInfoW
SetEntriesInAclW
SetNamedSecurityInfoW
BuildExplicitAccessWithNameW
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
RegOpenKeyExW
RegQueryValueExW
GetSecurityDescriptorSacl
SetSecurityDescriptorDacl
SetSecurityDescriptorSacl
InitializeSecurityDescriptor
ConvertStringSecurityDescriptorToSecurityDescriptorW

shell32

SHCreateDirectoryExW
ShellExecuteW
SHGetSpecialFolderPathW

oleaut32

OleLoadPicturePath

shlwapi

PathFileExistsW
PathIsDirectoryW
PathFileExistsA

ws2_32

WSAGetLastError
WSAStartup
WSAAsyncSelect
WSAAsyncGetHostByName
WSACancelAsyncRequest
WSAWaitForMultipleEvents
recvfrom
WSAEventSelect
WSAIoctl
getsockopt
recv
bind
WSACleanup
connect
ioctlsocket
select
send
__WSAFDIsSet
getsockname
socket
htons
setsockopt
sendto
closesocket
ntohs
inet_addr
inet_ntoa
gethostbyname
htonl
ntohl

msimg32

GradientFill

iphlpapi

GetAdaptersInfo

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

wintrust

WinVerifyTrust

Sections

.text
Size: 456KB - Virtual size: 456KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

40bba69786a46576fd8ea2fa82dd64f6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

oleaut32

shlwapi

ws2_32

msimg32

iphlpapi

version

wintrust

Sections

.text Size: 456KB - Virtual size: 456KB

.rdata Size: 80KB - Virtual size: 76KB

.data Size: 36KB - Virtual size: 92KB

.rsrc Size: 80KB - Virtual size: 80KB

.text
Size: 456KB - Virtual size: 456KB

.rdata
Size: 80KB - Virtual size: 76KB

.data
Size: 36KB - Virtual size: 92KB

.rsrc
Size: 80KB - Virtual size: 80KB