0c9159f9fbb4a7bd6c0d593bdd2330ba5b63869cd657f5097936ba1e4289ce84

Sharing

Copy URL Twitter E-mail

General

Target

0c9159f9fbb4a7bd6c0d593bdd2330ba5b63869cd657f5097936ba1e4289ce84
Size

240KB
MD5

0c87e8fda88d6dc6b1f21b0447723270
SHA1

d7b53fa023a4a9dfb32b5e243c0eb5de6856d247
SHA256

0c9159f9fbb4a7bd6c0d593bdd2330ba5b63869cd657f5097936ba1e4289ce84
SHA512

8287e054e4bc077f906cd4f6b56c03c63fe1ca7448123890750e6b7db9489f650557ef62b53dbab9640e61736e1db4e27356a9291525b63d6b78ca50254c40b4
SSDEEP

6144:rw20j/QYCYodOkgXBWudmPbwm17OaVYK:rw20j/QYCrOkPudc

Score

N/A

Malware Config

Signatures

Files

0c9159f9fbb4a7bd6c0d593bdd2330ba5b63869cd657f5097936ba1e4289ce84
.exe windows x86

19fb289ddb6abb1922fa6615efa21a2b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
lstrcmpiW
lstrcpynW
CloseHandle
lstrlenA
CompareStringW
OpenProcess
GetCurrentProcessId
InterlockedDecrement
HeapAlloc
GetProcessHeap
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
VirtualProtectEx
LoadLibraryW
ReadProcessMemory
WriteProcessMemory
VirtualAllocEx
CreateRemoteThread
WaitForSingleObject
VirtualFreeEx
SetEnvironmentVariableA
CompareStringA
FlushFileBuffers
SetStdHandle
GetTimeZoneInformation
GetLocaleInfoW
SetFilePointer
GetOEMCP
LoadLibraryA
SetConsoleCtrlHandler
IsBadCodePtr
MultiByteToWideChar
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
HeapFree
VirtualProtect
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
WriteFile
HeapSize
TerminateProcess
GetProcAddress
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThread
SetLastError
TlsAlloc
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
VirtualQuery
SetUnhandledExceptionFilter
GetModuleFileNameA
FreeLibrary
GetLastError
GetModuleFileNameW
GetModuleHandleW
lstrcpyW
lstrlenW
InterlockedIncrement
IsBadReadPtr
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetCurrentProcess
FlushInstructionCache
InterlockedExchange
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetVersionExW
GetThreadLocale
GetStringTypeW
GetStringTypeA
FatalAppExitA
GetCPInfo
LCMapStringW
LCMapStringA
GetStartupInfoW
GetModuleHandleA
HeapReAlloc
RtlUnwind
ExitProcess
Sleep
WideCharToMultiByte
GetVersionExA
GetLocaleInfoA
GetACP
GetSystemInfo

user32

SetRectEmpty
SetWindowLongW
UnregisterClassW
DestroyWindow
PeekMessageW
TranslateMessage
DispatchMessageW
UnregisterClassA
DialogBoxParamW
GetSystemMenu
GetSystemMetrics
LoadImageW
ReleaseDC
GetDC
OffsetRect
CreateWindowExW
GetClassNameW
CreateCursor
DrawTextW
IsWindowEnabled
GetSysColor
GetFocus
DrawFocusRect
FillRect
EndPaint
BeginPaint
GetDlgCtrlID
SetCursor
InvalidateRect
PtInRect
SetCapture
GetActiveWindow
ReleaseCapture
GetCursorPos
ScreenToClient
UpdateWindow
CallWindowProcW
GetCapture
SetWindowTextW
DestroyCursor
GetWindowTextLengthW
GetWindowTextW
MessageBeep
SetFocus
IsWindow
EnableWindow
LoadStringW
GetParent
GetWindow
GetWindowRect
SystemParametersInfoW
GetClientRect
MapWindowPoints
SetWindowPos
MessageBoxW
GetDlgItem
SetDlgItemTextW
KillTimer
SetTimer
GetWindowLongW
DestroyMenu
AppendMenuW
EndDialog
SendMessageW
CharNextW
DefWindowProcW

gdi32

GetStockObject
GetObjectW
CreateFontIndirectW
SetBkMode
SelectObject
SetTextColor
DeleteObject
DeleteDC

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegCreateKeyExW
LookupPrivilegeValueW
AdjustTokenPrivileges
RegQueryValueExW
RegSetValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey
OpenProcessToken

shell32

ShellExecuteW

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree

oleaut32

SysFreeString
VarUI4FromStr

shlwapi

PathFindFileNameW
PathFileExistsW

comctl32

_TrackMouseEvent
InitCommonControlsEx

psapi

EnumProcesses
EnumProcessModules
GetModuleFileNameExW

Sections

.text
Size: 136KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

19fb289ddb6abb1922fa6615efa21a2b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

psapi

Sections

.text Size: 136KB - Virtual size: 134KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 3KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 136KB - Virtual size: 134KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 3KB

.rmnet
Size: 60KB - Virtual size: 60KB