f9d0f811844ca8e54b9260bdfcf258ff010d80cd7ffc915cc78c0fab4b60622c

Sharing

Copy URL Twitter E-mail

General

Target

f9d0f811844ca8e54b9260bdfcf258ff010d80cd7ffc915cc78c0fab4b60622c
Size

760KB
MD5

014c2ea2b07e0d4441317b42bbc0a510
SHA1

324539e1fc8a69d84ac36b53bdeb94a33eec3eed
SHA256

f9d0f811844ca8e54b9260bdfcf258ff010d80cd7ffc915cc78c0fab4b60622c
SHA512

2ae0ce1dbe1142a17e9d2a01f54705af27f32c0a43406b93d3ce24214dd3f8ce0fcea48e17f4d4d5bdc68beba54b09fedaa4c1abf793068f40461e741cc65d18
SSDEEP

12288:hGKb929GDJaey2H9434aVlpmQW1bOtApjGCK6H0MO0wBk1Z:hRM9KDd43tlpmJc2IBBk/

Score

N/A

Malware Config

Signatures

Files

f9d0f811844ca8e54b9260bdfcf258ff010d80cd7ffc915cc78c0fab4b60622c
.exe windows x86

004934b700407d0ba53a8fcba566f798

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ReleaseDC
SetWindowLongA
InvalidateRect
GetDC
EndPaint
MessageBoxA
ExitWindowsEx
PostThreadMessageA
LoadImageA
AdjustWindowRectEx
GetDesktopWindow
GetWindowRect
CreateWindowExA
UpdateWindow
RegisterClassA
GetMessageA
DestroyWindow
BeginPaint
GetWindowLongA
SetTimer
DrawTextA
EndDialog
KillTimer
ShowWindow
LoadStringA
SetDlgItemTextA
TranslateMessage
PeekMessageA
GetDlgItem
SendMessageA
PostQuitMessage
DefWindowProcA
GetKeyState
LoadIconA
LoadCursorA
RegisterClassExA
DialogBoxParamA
DispatchMessageA

shell32

SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA

kernel32

GetTimeZoneInformation
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
Sleep
IsDebuggerPresent
TlsFree
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
GlobalAlloc
_lwrite
_lread
_llseek
_lopen
_lclose
GetSystemDefaultLangID
GlobalUnlock
GlobalLock
GlobalFree
WinExec
_lcreat
SetErrorMode
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
GetSystemDirectoryA
LeaveCriticalSection
TlsGetValue
FreeLibrary
CreateThread
GetVersion
SetLastError
TlsAlloc
VirtualAlloc
GlobalFindAtomA
EnumSystemLocalesW
GetSystemTimeAdjustment
lstrcmpA
FreeLibraryAndExitThread
FindAtomA
GetLocaleInfoW
IsBadReadPtr
GetStringTypeW
GetStringTypeA
CreateFileA
HeapSize
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
MultiByteToWideChar
LCMapStringA
SetUnhandledExceptionFilter
FlushFileBuffers
VirtualQuery
GetCPInfo
GetOEMCP
GetACP
ReadFile
SetFilePointer
GetStdHandle
SetHandleCount
WriteFile
HeapAlloc
GetFileType
SetStdHandle
GetCurrentProcess
TerminateProcess
ExitProcess
MoveFileA
GetStartupInfoA
GetModuleHandleA
HeapFree
RaiseException
RtlUnwind
WideCharToMultiByte
GetSystemTimeAsFileTime
DosDateTimeToFileTime
SetFileTime
IsBadCodePtr
GetLocaleInfoA
VirtualProtect
GetSystemInfo
GetExitCodeProcess
FindNextFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
SetEndOfFile
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
FindResourceA
LoadResource
FindFirstFileA
WaitForSingleObject
FindClose
DeleteFileA
GetFileAttributesA
SetFileAttributesA
GetTempPathA
SetCurrentDirectoryA
CreateDirectoryA
GetFullPathNameA
RemoveDirectoryA
GetModuleFileNameA
GetLastError
GetCommandLineA
CreateProcessA
GetVersionExA
GetDiskFreeSpaceA
LoadLibraryA
GetProcAddress
GetNumberFormatA
GetEnvironmentVariableA
lstrcmpiA
GetCurrentDirectoryA
CloseHandle
TlsSetValue

Sections

.text
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 479KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

004934b700407d0ba53a8fcba566f798

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

kernel32

Sections

.text Size: 90KB - Virtual size: 90KB

.rdata Size: 31KB - Virtual size: 31KB

.data Size: 68KB - Virtual size: 191KB

.rsrc Size: 89KB - Virtual size: 89KB

.text Size: 479KB - Virtual size: 480KB

.text
Size: 90KB - Virtual size: 90KB

.rdata
Size: 31KB - Virtual size: 31KB

.data
Size: 68KB - Virtual size: 191KB

.rsrc
Size: 89KB - Virtual size: 89KB

.text
Size: 479KB - Virtual size: 480KB