9d320ce2191ab22705030abd94bd7c983a9b8ab3d31dd99e3a9a84139b298ede

Sharing

Copy URL Twitter E-mail

General

Target

9d320ce2191ab22705030abd94bd7c983a9b8ab3d31dd99e3a9a84139b298ede
Size

128KB
MD5

0a5ded9cc6477e25c269655867e93750
SHA1

9a3b308075d9914a3bbf5aa94982ddd8d8d1ab77
SHA256

9d320ce2191ab22705030abd94bd7c983a9b8ab3d31dd99e3a9a84139b298ede
SHA512

8d0efc713d10078da5bfc758479f81ac8830bc25feeb7769774ef351e3207cddd8c01683a4cce899950ad33269e6d15de8a42d1372a452c2018171ca60b08e70
SSDEEP

3072:a+ZksWTebAsmMIseouVnak/8HV7sbA7A5EloJLs6YB0YS9o:aKLKMIseouVnaaG4bAoEuts6qko

Score

N/A

Malware Config

Signatures

Files

9d320ce2191ab22705030abd94bd7c983a9b8ab3d31dd99e3a9a84139b298ede
.exe windows x86

c0d476a78212e49e513499c14ea5da09

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
HeapFree
ExitProcess
VirtualProtectEx
GetDriveTypeA
LockResource
UnmapViewOfFile
GetTickCount
lstrcatA
WriteFile
FindResourceA
InterlockedDecrement
GetSystemTime
WritePrivateProfileStringA
SetThreadPriority
GetVersionExA
SetFileAttributesA
GlobalUnlock
HeapDestroy
InterlockedExchange
GetPrivateProfileStringA
ResumeThread
SystemTimeToFileTime
MoveFileA
EnterCriticalSection
FileTimeToSystemTime
IsBadReadPtr
CreateFileMappingA
SetFileTime
RemoveDirectoryA
GlobalAlloc
GetComputerNameA
GetLocaleInfoA
GetLastError
InitializeCriticalSection
WideCharToMultiByte
ReadFile
lstrcpyA
GlobalMemoryStatus
GetFileTime
MapViewOfFile
lstrcmpA
GetDiskFreeSpaceA
GetVersion
LocalFree
DeleteCriticalSection
GetSystemInfo
MultiByteToWideChar
GetTempPathA
GetFileAttributesA
GetThreadPriority
GetFileSize
GetModuleFileNameA
GlobalLock
LoadResource
GlobalFree
CreateMutexA
lstrlenA
CreateProcessA
LocalAlloc
lstrlenW
Sleep
CreateFileA
LoadLibraryA
WaitForSingleObject
SetFilePointer
CloseHandle
GetCurrentThread
InterlockedIncrement
GetProcAddress
GetVolumeInformationA
FormatMessageA
FreeLibrary
SetEndOfFile
GetStartupInfoA
GetModuleHandleA
GetCurrentThreadId
GetProcessHeap

user32

GetCapture
GetMenu
GetMessageA
ReleaseDC
GetCursorPos
SetCursor
GetDCEx
GetSystemMenu
DrawTextA
GetMenuItemInfoA
DestroyMenu
GetMenuItemID
GetSubMenu
SetWindowsHookExA
MapDialogRect
DeleteMenu
LoadMenuA
DeferWindowPos
GetMenuDefaultItem
LoadBitmapA
CallNextHookEx
UnhookWindowsHookEx
IntersectRect
SetCaretPos
IsZoomed
DrawIconEx
PostQuitMessage
EqualRect
UpdateWindow
AdjustWindowRectEx
AppendMenuA
GetParent
GetSystemMetrics
InflateRect
GetDlgCtrlID
IsWindowVisible
CreateWindowExA
LoadCursorA
GetKeyState
SetForegroundWindow
DestroyCaret
TrackPopupMenu
SetCapture
CopyRect
GetClientRect
GetMenuStringA
IsIconic
IsMenu
SystemParametersInfoA
DispatchMessageA
CreatePopupMenu
EndDeferWindowPos
GetWindowLongA
UnionRect
GetWindowRect
SetWindowPos
PtInRect
SetParent
MapWindowPoints
BeginDeferWindowPos
WindowFromPoint
GetMenuItemCount
GetWindow
GetTopWindow
FlashWindow
KillTimer
SetWindowLongA
EnableWindow
CheckMenuItem
ClientToScreen
wvsprintfA
IsRectEmpty
ModifyMenuA
RedrawWindow
OffsetRect
LockWindowUpdate
ShowCaret
GetMenuState
CreateCaret
SetWindowContextHelpId
ScreenToClient
InsertMenuA
SetMenuDefaultItem
GetClassLongA
GetDesktopWindow
DrawEdge
GetNextDlgTabItem
SetRectEmpty
GetMessagePos
SendMessageA
RegisterClipboardFormatA
EnableMenuItem
GetDC
PeekMessageA
IsWindow
BringWindowToTop
RegisterWindowMessageA
ReleaseCapture
GetActiveWindow
PostMessageA
WaitMessage
GetSysColor
FillRect
LoadImageA
RemoveMenu
SetMenuItemInfoA
PostThreadMessageA
HideCaret
DrawFrameControl
SetTimer
InvalidateRect
MessageBoxA
SetRect

gdi32

CombineRgn
SetTextColor
PatBlt
CreateRectRgn
CreateSolidBrush
CreateCompatibleDC
CreateRectRgnIndirect
StretchBlt
SetBitmapBits
CreatePatternBrush
ExtTextOutA
GetCurrentObject
CreateCompatibleBitmap
GetBitmapBits
GetTextExtentPointA
DeleteDC
CreateDIBitmap
SelectObject
Polygon
Rectangle
BitBlt
DeleteObject
TextOutA
GetDeviceCaps
CreateFontIndirectA
GetTextExtentPoint32A
GetStockObject
CreateDCA
SetDIBits
GetTextMetricsA
CreateBitmap
GetDIBits
GetObjectA
RectInRegion
StretchDIBits

advapi32

RegDeleteValueA
RegSaveKeyA
RegRestoreKeyA
RegSetValueExA
RegCreateKeyExA
RegNotifyChangeKeyValue
RegLoadKeyA
RegEnumKeyExA
RegCloseKey
RegSetKeySecurity
RegQueryInfoKeyA
RegEnumValueA
RegQueryValueExA
RegFlushKey
RegUnLoadKeyA
RegGetKeySecurity
RegConnectRegistryA
RegReplaceKeyA
RegDeleteKeyA
RegOpenKeyExA

shell32

SHGetMalloc
ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHFileOperationA
SHGetSpecialFolderLocation

ole32

CoTaskMemFree
StringFromGUID2
CoGetClassObject
StringFromCLSID
CoCreateGuid
CLSIDFromString

oleaut32

SysFreeString
SysAllocStringLen
VariantClear

comctl32

ImageList_EndDrag
ImageList_GetImageCount
ImageList_DragLeave
ord8
ImageList_AddMasked
ImageList_SetBkColor
ImageList_BeginDrag
ImageList_DragEnter

winmm

mciSendStringA
mciSendCommandA
PlaySoundA
mciGetErrorStringA

wininet

InternetDial
InternetGetConnectedState
InternetAutodialHangup

wsock32

accept
WSASetLastError
htons
bind
socket
connect
WSAAsyncSelect
recv
send
getpeername
ntohs
getsockname
closesocket
ioctlsocket
WSAGetLastError
listen
inet_addr
shutdown
gethostbyname

oledlg

ord4

avifil32

AVIFileInit
AVIStreamRelease
AVIStreamGetFrameOpen
AVIStreamOpenFromFileA
AVIStreamGetFrameClose
AVIFileExit
AVIStreamGetFrame

msvcrt

time
_initterm
_mbctolower
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
srand
__set_app_type
__CxxFrameHandler
_close
__dllonexit
_XcptFilter
free
_ftol
_adjust_fdiv
_mbscmp
fclose
??8type_info@@QBEHABV0@@Z
??1type_info@@UAE@XZ
_purecall
qsort
fseek
strncpy
__RTtypeid
malloc
vsprintf
fprintf
_acmdln
_except_handler3
_CIacos
atof
strncat
__setusermatherr
localtime
_CIasin
__getmainargs
_open
_mbctoupper
_endthread
_fstat
isdigit
wcslen
_beginthread
_mbschr
wcscpy
_lseek
_chdrive
ftell
_mbsinc
__RTDynamicCast
rand
isalpha
_setjmp3
_CIpow
memmove
isalnum
_strdup
_ftime
_onexit
fopen
ctime
_setmbcp
clock
gmtime
exit
atoi
__p__fmode
_chdir
_itoa
floor
atol
_controlfp
_CxxThrowException
_exit
__p__commode
longjmp
sprintf
?terminate@@YAXXZ
fgets
memset

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0d476a78212e49e513499c14ea5da09

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

winmm

wininet

wsock32

oledlg

avifil32

msvcrt

Sections

.text Size: 41KB - Virtual size: 41KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 63KB - Virtual size: 97KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 41KB - Virtual size: 41KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 63KB - Virtual size: 97KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 2KB - Virtual size: 1KB