9623d47cec595464fc6ed804c6d1c3b3bd9b55b6fb42ed256a2aecadc50e4530

Sharing

Copy URL Twitter E-mail

General

Target

9623d47cec595464fc6ed804c6d1c3b3bd9b55b6fb42ed256a2aecadc50e4530
Size

125KB
MD5

0ede6e0efd59445ca63bc2993ba12e3d
SHA1

683ab01e01ba873531c677a9ecf0339011eb8130
SHA256

9623d47cec595464fc6ed804c6d1c3b3bd9b55b6fb42ed256a2aecadc50e4530
SHA512

9d5a3cff2706051cc2958bf924a2f81223f68f0b436f479aee3e4f6dba4822a5d94ccff55f0df8c536427859e9c1f16a9cef657480167098578bdc23967dcfa7
SSDEEP

1536:WZ1qYQdy3yw4y1zCg3zSlgTBKBH0XNtmrbHMc4OX383WLdV0oz0rlO:WL53546CQzugV/NtmnMc4OSWLdZ0rlO

Score

N/A

Malware Config

Signatures

Files

9623d47cec595464fc6ed804c6d1c3b3bd9b55b6fb42ed256a2aecadc50e4530
.exe windows x86

87a65c24e33196573489b79ec7af623c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

WriteFile
WaitForSingleObject
TerminateProcess
SuspendThread
Sleep
SetProcessWorkingSetSize
SetPriorityClass
SetFileTime
SetFilePointer
SetFileAttributesA
SetErrorMode
SetEndOfFile
ResumeThread
RemoveDirectoryA
ReadFile
OpenProcess
MulDiv
LoadLibraryA
GlobalUnlock
GlobalLock
GlobalAlloc
GetWindowsDirectoryA
GetVersionExA
GetTickCount
GetTempPathA
GetSystemDirectoryA
GetProcAddress
GetModuleHandleA
GetLogicalDrives
GetLocalTime
GetFileTime
GetFileAttributesA
GetDriveTypeA
GetCurrentProcessId
GetCurrentProcess
GetComputerNameA
FreeLibrary
FindNextFileA
FindFirstFileA
FindClose
DeleteFileA
CreateProcessA
CreateFileA
CreateDirectoryA
CopyFileA
CloseHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
GetVersion
GetCurrentThreadId
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
CreateThread
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
MoveFileA
GetStdHandle
GetFileSize
GetFileType
CreateFileA
CloseHandle

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
OpenProcessToken
LookupPrivilegeNameA
GetUserNameA
GetTokenInformation
AdjustTokenPrivileges
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
OpenServiceA
OpenSCManagerA
EnumServicesStatusA
ControlService
CloseServiceHandle

avicap32

capCreateCaptureWindowA

gdi32

SelectObject
GetObjectA
GetDIBits
DeleteObject
DeleteDC
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt

oleaut32

SysFreeString
SysReAllocStringLen

urlmon

URLDownloadToFileA

user32

CreateWindowExA
mouse_event
UnregisterClassA
TranslateMessage
ShowWindow
SetCursorPos
SetClipboardData
SendMessageA
ReleaseDC
RegisterClassA
OpenClipboard
MessageBoxA
LoadImageA
LoadIconA
IsWindowVisible
IsIconic
GetWindowThreadProcessId
GetWindowTextA
GetWindowLongA
GetSystemMetrics
GetMessageA
GetKeyState
GetForegroundWindow
GetDesktopWindow
GetDC
GetCursorPos
GetClipboardData
GetClassNameA
GetAsyncKeyState
FindWindowExA
FindWindowA
ExitWindowsEx
EnumWindows
EnableWindow
EmptyClipboard
DispatchMessageA
DefWindowProcA
CloseClipboard
ClipCursor
GetKeyboardType
LoadStringA
MessageBoxA
CharNextA

wininet

InternetGetConnectedState

winmm

mciSendStringA

wsock32

WSACleanup
WSAStartup
WSAAsyncSelect
gethostname
gethostbyname
socket
shutdown
send
recv
listen
inet_ntoa
inet_addr
htons
htonl
connect
closesocket
bind
accept

Sections

CODE
Size: 100KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 19B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rebld_r
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rebld_i
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

87a65c24e33196573489b79ec7af623c

Headers

File Characteristics

Imports

kernel32

advapi32

avicap32

gdi32

oleaut32

urlmon

user32

wininet

winmm

wsock32

Sections

CODE Size: 100KB - Virtual size: 104KB

DATA Size: 9KB - Virtual size: 12KB

BSS Size: - Virtual size: 12KB

.idata Size: 4KB - Virtual size: 8KB

.tls Size: - Virtual size: 4KB

.rdata Size: 19B - Virtual size: 12KB

.rsrc Size: 3KB - Virtual size: 3KB

.rebld_r Size: 1KB - Virtual size: 1KB

.rebld_i Size: 4KB - Virtual size: 4KB

CODE
Size: 100KB - Virtual size: 104KB

DATA
Size: 9KB - Virtual size: 12KB

BSS
Size: - Virtual size: 12KB

.idata
Size: 4KB - Virtual size: 8KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 19B - Virtual size: 12KB

.rsrc
Size: 3KB - Virtual size: 3KB

.rebld_r
Size: 1KB - Virtual size: 1KB

.rebld_i
Size: 4KB - Virtual size: 4KB