f9a1ed8d3290b3acd77bde24395679d1f3f82095b26adf18ceed5edffb4917b1

Sharing

Copy URL Twitter E-mail

General

Target

f9a1ed8d3290b3acd77bde24395679d1f3f82095b26adf18ceed5edffb4917b1
Size

200KB
MD5

18d9f08b2b4235ff9c86a29137e3b04c
SHA1

b7f725646086de77d5ee39a1a5a4648cf19723ae
SHA256

f9a1ed8d3290b3acd77bde24395679d1f3f82095b26adf18ceed5edffb4917b1
SHA512

14c4a60a7052fbf7d165a61181baa87edacdf1bf103bdc69d683423c1188de2f42e8785041d7819e538e69e40fcab7fb6d4dbeb561b83b8e6d3760b658c8d025
SSDEEP

6144:0rnqPDBX7NIlc6wOMnXqYIGvQgHbXjkiUjS:02voMXzI/gHiG

Score

N/A

Malware Config

Signatures

Files

f9a1ed8d3290b3acd77bde24395679d1f3f82095b26adf18ceed5edffb4917b1
.exe windows x86

ae3dc808b3570de5bdba820f155d46e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetModuleFileNameA
IsBadHugeReadPtr
GlobalHandle
GetSystemTimeAsFileTime
SetEndOfFile
GetSystemInfo
GetFullPathNameW
HeapFree
GetCurrentThread
SetFilePointer
GetCPInfo
GlobalAlloc
GetFileAttributesW
lstrcmpiW
GlobalFree
GetVersionExW
GetProcessHeap
PostQueuedCompletionStatus
GetQueuedCompletionStatus
IsBadReadPtr
CreateEventW
InterlockedIncrement
GetCurrentProcessId
CloseHandle
ReadFile
GetLastError
CreateIoCompletionPort
GetPrivateProfileStringW
GetTickCount
FreeLibrary
MultiByteToWideChar
IsBadCodePtr
MulDiv
LoadLibraryW
WaitForMultipleObjects
OutputDebugStringA
GlobalLock
GetProfileIntA
InterlockedExchange
DeleteCriticalSection
lstrlenW
lstrcpyA
WaitForSingleObject
EnterCriticalSection
DeleteFileW
SetThreadPriority
SetEvent
GetEnvironmentStringsW
lstrcpyW
lstrcmpW
lstrlenA
IsBadWritePtr
GetCurrentProcess
GlobalMemoryStatus
QueryPerformanceCounter
InterlockedDecrement
ResetEvent
GetFileSize
WriteFile
GetThreadPriority
CreateSemaphoreW
WideCharToMultiByte
SetUnhandledExceptionFilter
lstrcpynW
CreateFileW
VirtualFree
LeaveCriticalSection
GlobalUnlock
ReleaseSemaphore
HeapAlloc
GetSystemDefaultLangID
CreateThread
InitializeCriticalSection
GetDiskFreeSpaceW

advapi32

RegEnumKeyExW
RegSetValueExW
RegOpenKeyW
RegOpenKeyExW
RegSetValueW
RegCloseKey
RegDeleteKeyW
RegCreateKeyW
RegQueryValueExW
RegEnumKeyW

msvcrt

_purecall
??3@YAXPAX@Z
_ftol
wcslen
??2@YAPAXI@Z
_except_handler3

user32

IsWindowVisible
GetClientRect
EnableWindow
IsWindow
CheckDlgButton
GetWindowRect
DestroyWindow
SetWindowLongW
CreateDialogParamW
SetCursor
GetDC
GetAsyncKeyState
PeekMessageW
CheckRadioButton
DefWindowProcW
LoadCursorW
wsprintfW
ShowWindow
TranslateMessage
MoveWindow
SetDlgItemTextW
ClientToScreen
ReleaseDC
SetDlgItemInt
GetWindowLongW
GetDesktopWindow
InvalidateRect
IsRectEmpty
SendMessageW
DispatchMessageW
LoadStringW
GetDlgItemInt
GetDlgItem

winmm

mixerOpen
mixerClose
mixerGetControlDetailsW
waveInStart
waveInUnprepareHeader
waveInReset
mixerGetLineControlsW
mixerGetID
waveInClose
waveInPrepareHeader
CloseDriver
waveInStop
OpenDriver
waveInAddBuffer
mixerGetLineInfoW
mixerSetControlDetails
waveInGetDevCapsW
SendDriverMessage
waveInOpen

msvfw32

ICOpen
ICClose
ICCompress
ICLocate
ICGetInfo
ICDecompress
ICSendMessage

ole32

CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoInitialize
CoCreateInstance
StringFromGUID2
CoFreeUnusedLibraries

gdi32

GetStockObject
PatBlt
GetTextExtentPoint32W
SelectObject
GetPaletteEntries
GetObjectW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae3dc808b3570de5bdba820f155d46e5

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

user32

winmm

msvfw32

ole32

gdi32

version

Sections

.text Size: 172KB - Virtual size: 171KB

.data Size: 25KB - Virtual size: 25KB

.rsrc Size: 1024B - Virtual size: 644B

.text
Size: 172KB - Virtual size: 171KB

.data
Size: 25KB - Virtual size: 25KB

.rsrc
Size: 1024B - Virtual size: 644B