9d2f1591f50c6e238b3eccb7b877a302ac7494e5353cd2b3d37a5eb8678045ed

Sharing

Copy URL Twitter E-mail

General

Target

9d2f1591f50c6e238b3eccb7b877a302ac7494e5353cd2b3d37a5eb8678045ed
Size

168KB
MD5

07e484a04d515d45b37178275b49e6f0
SHA1

cade0431254068401d7efdff934d68c9ee10a352
SHA256

9d2f1591f50c6e238b3eccb7b877a302ac7494e5353cd2b3d37a5eb8678045ed
SHA512

02fdabc761324e0926a55af9fc1e3bb53101da213cb364e58570fa3df99ef2e8fdafb55cb5ba056c941fc2b02ea6d435d4d85b4e185504be2dd36f05a68466f0
SSDEEP

3072:rJLrp0cQ7QAINqPDHQncZ4Yha+LwPDGPA3ejaAVkuXYJnnL:tLO7QAISZ4Yw+3EOHXYJn

Score

N/A

Malware Config

Signatures

Files

9d2f1591f50c6e238b3eccb7b877a302ac7494e5353cd2b3d37a5eb8678045ed
.exe windows x86

b51f22a4896575229889a74a6c48f13a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
ReadFile
EnterCriticalSection
GetFileSize
WriteFile
UnmapViewOfFile
MapViewOfFile
GetVersionExA
SetEvent
LeaveCriticalSection
GetSystemTime
InterlockedIncrement
InterlockedDecrement
SystemTimeToFileTime
CreateDirectoryW
CreateEventA
CreateEventW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
CompareFileTime
CreateDirectoryA
FindResourceA
GetFileAttributesA
FindFirstFileA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
SetFileAttributesA
SetFileAttributesW
FindNextFileA
FindNextFileW
FindFirstFileW
GetFileAttributesW
ReleaseMutex
GetPrivateProfileIntA
GetPrivateProfileIntW
GetLastError
CreateThread
QueryPerformanceFrequency
MultiByteToWideChar
LoadResource
QueryPerformanceCounter
MoveFileA
MoveFileW
RemoveDirectoryA
RemoveDirectoryW
CreateMutexA
CreateMutexW
LoadLibraryA
WritePrivateProfileStringA
WritePrivateProfileStringW
GetPrivateProfileStringA
GetPrivateProfileStringW
CreateProcessA
CreateProcessW
lstrcpynA
GetProcAddress
FreeLibrary
SetFilePointer
IsBadReadPtr
GetCurrentThreadId
IsDBCSLeadByte
GetSystemTimeAsFileTime
GetCurrentProcessId
GetProcessTimes
GetCurrentProcess
GetLocalTime
FlushFileBuffers
GetAtomNameA
lstrcmpA
IsBadWritePtr
CreateFileMappingA
CreateFileMappingW
GetVersionExW
DeleteCriticalSection
InitializeCriticalSection
GetACP
GlobalFree
GlobalAlloc
LocalAlloc
LocalReAlloc
LocalFree
OpenProcess
CloseHandle
WaitForSingleObject
lstrlenA
ExitProcess
GetCommandLineA
GetTickCount
lstrlenW
FindClose
lstrcmpiA
WideCharToMultiByte
TerminateProcess
RtlUnwind

user32

GetWindowLongA
GetWindowLongW
GetWindowTextLengthA
LoadCursorA
LoadCursorW
LoadIconA
LoadIconW
LoadStringW
PeekMessageA
PeekMessageW
PostMessageA
PostMessageW
CharNextA
SendMessageTimeoutA
SendMessageA
SendMessageW
SetWindowLongA
SetWindowLongW
RegisterClassExA
RegisterClassExW
PostQuitMessage
FindWindowExW
FindWindowExA
FindWindowW
DispatchMessageA
DispatchMessageW
DefWindowProcA
DefWindowProcW
CreateDialogParamW
CreateWindowExW
CreateWindowExA
CreateDialogParamA
GetSystemMetrics
TranslateMessage
MsgWaitForMultipleObjects
DestroyWindow
GetWindowTextA
IsWindow
GetWindowThreadProcessId
GetDesktopWindow
DestroyIcon
GetDlgItem

shlwapi

SHSetValueW
PathAddExtensionW
StrCatBuffW
StrStrIW
StrToIntExW
StrChrW
PathRemoveBackslashW
PathCombineW
PathFindExtensionW
SHGetValueW
StrCpyNW
PathRemoveFileSpecW
PathFindFileNameW
PathAppendW
PathFileExistsW
StrCmpIW
PathFindFileNameA
PathAddBackslashW
wvnsprintfA
SHStrDupW
PathRemoveFileSpecA
PathAddBackslashA
SHRegGetUSValueW
StrCatBuffA
wnsprintfA
StrCmpNIW
StrToIntW
StrCmpNW
wnsprintfW

shfolder

SHGetFolderPathW

oleaut32

SysAllocString
SysFreeString

ole32

CreateBindCtx
StringFromGUID2
CoUninitialize
CoCreateInstance
CoInitialize

advapi32

RegCloseKey
AllocateAndInitializeSid
FreeSid
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA

shell32

SHFileOperationA

version

GetFileVersionInfoSizeA
GetFileVersionInfoW
GetFileVersionInfoA
VerQueryValueW
GetFileVersionInfoSizeW
VerQueryValueA

urlmon

CreateURLMoniker
RegisterBindStatusCallback

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

�e;5A�
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b51f22a4896575229889a74a6c48f13a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shlwapi

shfolder

oleaut32

ole32

advapi32

shell32

version

urlmon

Sections

.text Size: 60KB - Virtual size: 56KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 8KB - Virtual size: 7KB

�e;5A� Size: 92KB - Virtual size: 92KB

.text
Size: 60KB - Virtual size: 56KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 8KB - Virtual size: 7KB

�e;5A�
Size: 92KB - Virtual size: 92KB