c9bdc436effcfc52ab1a2be53bb065f77d6a0a95e91819e5c6c8d5f319c923e9

Sharing

Copy URL

Twitter E-mail

General

Target

c9bdc436effcfc52ab1a2be53bb065f77d6a0a95e91819e5c6c8d5f319c923e9
Size

880KB
MD5

05050481027916fd829ee1e467959650
SHA1

ecaad87b222d2aff649f995639afba7691b7ea0d
SHA256

c9bdc436effcfc52ab1a2be53bb065f77d6a0a95e91819e5c6c8d5f319c923e9
SHA512

8cefe7a8de0e66be06a51100fd1d38304eae3eca05f8bd8d5276f4870402e5be4d11d916f659e7427e4c61432c8f48e77cf97b4fa25a6c863eed49cd3a9728e3
SSDEEP

12288:FChdwxLGeqkrm6ZPi4zX/tDTAp6veXypK4CBOCAsqPz8mqlOlyfKTT1VLD3ULI0:+dGa6ZPHX/xTApVyoOCALOOlyfKTTwI

Score

N/A

Malware Config

Signatures

Files

c9bdc436effcfc52ab1a2be53bb065f77d6a0a95e91819e5c6c8d5f319c923e9
.dll windows x86

dacc82d3c622d4cfbcaab25a5a36565a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQuery
GetSystemInfo
VirtualProtect
GetProcessHeap
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetStringTypeW
GetStringTypeA
FlushFileBuffers
GetConsoleMode
GetLocaleInfoW
SetStdHandle
Sleep
InitializeCriticalSection
InterlockedExchange
SetConsoleCtrlHandler
LCMapStringW
LCMapStringA
GetOEMCP
GetCPInfo
VirtualAlloc
FatalAppExitA
LeaveCriticalSection
EnterCriticalSection
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
CompareStringA
CompareStringW
GetLocaleInfoA
FindResourceA
LoadResource
LockResource
SizeofResource
FreeResource
GetModuleHandleW
ExpandEnvironmentStringsA
GetModuleHandleA
IsDBCSLeadByteEx
SetEndOfFile
CreateFileA
GetFileSize
SystemTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetTimeFormatA
LoadLibraryW
GetSystemDirectoryA
GetModuleFileNameA
GetModuleFileNameW
OutputDebugStringA
GetACP
ReadFile
WriteFile
GetSystemDefaultLangID
SetCurrentDirectoryA
SetCurrentDirectoryW
GetTempPathW
GetTempFileNameW
SetFilePointer
CreateFileW
CloseHandle
GetTimeZoneInformation
GetLocalTime
FreeLibrary
LoadLibraryA
GetProcAddress
GetVersionExA
WideCharToMultiByte
MultiByteToWideChar
MulDiv
GetLastError
GetConsoleCP
TerminateProcess
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
GetFileType
GetCommandLineA
RaiseException
RtlUnwind
HeapAlloc
HeapFree
HeapReAlloc
GetSystemTimeAsFileTime
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThreadId
GetCurrentThread
SetHandleCount
GetStdHandle
SetEnvironmentVariableA

user32

SendDlgItemMessageW
SetWindowTextA
SetWindowTextW
SendDlgItemMessageA
GetDC
GetDesktopWindow
ReleaseDC
CharNextExA
DrawTextA
DrawTextW
FillRect
wsprintfA
GetWindowTextA
DialogBoxParamA
SendMessageA
MessageBoxA
GetDlgItemTextA
SetDlgItemTextA
MessageBoxW
SetFocus
GetDlgItemTextW
SetDlgItemTextW
CheckDlgButton
EndDialog
IsWindowVisible
WinHelpA
GetWindowLongA
SetWindowLongA
DialogBoxParamW
ShowWindow
EnableWindow
GetDlgItem
GetWindowRect
MoveWindow
ScreenToClient

gdi32

EnumFontFamiliesExW
BeginPath
MoveToEx
LineTo
CloseFigure
EndPath
FillPath
SetTextColor
CreatePen
CreateSolidBrush
CreateFontIndirectA
Rectangle
TextOutA
TextOutW
GetTextExtentPoint32A
CreateCompatibleDC
CreateFontIndirectW
DeleteDC
SelectObject
DeleteObject
GetGlyphIndicesW
GetFontData
GetDeviceCaps
CreateFontA
CreateFontW

advapi32

CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptAcquireContextA
CryptImportKey
CryptSetKeyParam
CryptGenRandom
CryptEncrypt
CryptDestroyKey
CryptReleaseContext
RegCreateKeyExW
RegDeleteValueW
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
GetUserNameA
GetUserNameW

shell32

SHBrowseForFolderA
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetMalloc
ord165
SHGetPathFromIDListA

ole32

CoCreateGuid

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Exports

Exports

DllMain
GetClass
InstallModule
RunKXModuleCmd

Sections

.text
Size: 632KB - Virtual size: 628KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dacc82d3c622d4cfbcaab25a5a36565a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

version

Exports

Exports

Sections

.text Size: 632KB - Virtual size: 628KB

.rdata Size: 92KB - Virtual size: 91KB

.data Size: 80KB - Virtual size: 84KB

.rsrc Size: 44KB - Virtual size: 43KB

.reloc Size: 28KB - Virtual size: 25KB

.text
Size: 632KB - Virtual size: 628KB

.rdata
Size: 92KB - Virtual size: 91KB

.data
Size: 80KB - Virtual size: 84KB

.rsrc
Size: 44KB - Virtual size: 43KB

.reloc
Size: 28KB - Virtual size: 25KB