9f218ea51150a7dc345f104b0bec6a355475b245d59ccba83a0f40072f26eca1

Sharing

Copy URL Twitter E-mail

General

Target

9f218ea51150a7dc345f104b0bec6a355475b245d59ccba83a0f40072f26eca1
Size

438KB
MD5

31552ec5f372587650c51b420dcab070
SHA1

eb668e7b0041225cae18bdfda9afd9215d684bb3
SHA256

9f218ea51150a7dc345f104b0bec6a355475b245d59ccba83a0f40072f26eca1
SHA512

2ed40b692f5b73d7aea157194b1ccdc3338ebabc6b0d955c1c299d276c036bc7cbf34055543660e40e1f3fe3d67313b42e8ed4248bd4d98c62d5a8e595c098ff
SSDEEP

12288:nyvT+12Tw5TwQEUAd81EjVeDj2/HaaaaaaaGr:nybnEFiBjejs

Score

N/A

Malware Config

Signatures

Files

9f218ea51150a7dc345f104b0bec6a355475b245d59ccba83a0f40072f26eca1
.exe windows x86

0956b07884cbe785b362011992355d35

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_SYSTEM

Imports

kernel32

FlushFileBuffers
CloseHandle
CreateFileW
WriteConsoleW
SetStdHandle
GetStringTypeW
LCMapStringW
HeapReAlloc
LoadLibraryW
GetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
HeapSize
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetLastError
GetProcAddress
ExitProcess
CreateEventA
CreateThread
InterlockedDecrement
LoadLibraryA
GetTickCount
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
HeapCreate
GetModuleFileNameW
WriteFile
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte
LocalFree
RtlUnwind
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapFree
EncodePointer
DecodePointer
RaiseException
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError

user32

IsWindow
GetIconInfo
SendMessageA
InsertMenuItemA
GetDlgItem
SetWindowTextA
SetFocus
GetWindowTextA
EndDialog
SendDlgItemMessageA
GetClientRect
MoveWindow
ShowWindow
GetMessagePos
GetDialogBaseUnits
GetDC
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
DefWindowProcA
IsDlgButtonChecked
CheckDlgButton
CheckRadioButton
ShowScrollBar
ReleaseDC
GetWindowLongA
LoadStringA
MessageBoxA
GetWindowRect
EnumChildWindows

gdi32

MoveToEx
LineTo
CreateBitmap
CreatePatternBrush
SetBrushOrgEx
PatBlt
DeleteObject
SelectObject

ole32

CoInitialize

oleaut32

SysFreeString
VariantClear
SysAllocString

sensapi

IsNetworkAlive

eappcfg

EapHostPeerGetMethods
EapHostPeerFreeMemory
EapHostPeerFreeErrorMemory

Sections

.text
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 250KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0956b07884cbe785b362011992355d35

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

ole32

oleaut32

sensapi

eappcfg

Sections

.text Size: 82KB - Virtual size: 82KB

.rdata Size: 250KB - Virtual size: 249KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 91KB - Virtual size: 90KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 82KB - Virtual size: 82KB

.rdata
Size: 250KB - Virtual size: 249KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 91KB - Virtual size: 90KB

.reloc
Size: 9KB - Virtual size: 8KB