a9356dd8568924ba6380fb0c192502cb30b4290cbc7494f9801d8fed4274c724

Sharing

Copy URL

Twitter E-mail

General

Target

a9356dd8568924ba6380fb0c192502cb30b4290cbc7494f9801d8fed4274c724
Size

396KB
MD5

52ec44494fed2c9bebd5ce99903b7775
SHA1

6191526cf35f080922830412c795df4fed5f8696
SHA256

a9356dd8568924ba6380fb0c192502cb30b4290cbc7494f9801d8fed4274c724
SHA512

100a3704d165eda1c8ac9e17c593934e76fe947971e8a9cf6dacbf7304927bd103cda0ae82f1e87530548a0b1832476277c493738bdf421e2e8c1ced7fca2ad7
SSDEEP

6144:Q0sTdSkul5CpfZsu43jx0HdEouuj5axxn7JCpIKxZU/bc92A6mJOl:FG7pfZsu43d0HdEFuj5EpNbWAcsoOl

Score

N/A

Malware Config

Signatures

Files

a9356dd8568924ba6380fb0c192502cb30b4290cbc7494f9801d8fed4274c724
.exe windows x86

01ece61e4ccf11d7b346e3e7d3e9f105

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetClassNameA
GetShellWindow
wsprintfW

urlmon

CoInternetCombineUrl

pdh

PdhGetCounterInfoW

ntdsapi

DsFreeSpnArrayA

comdlg32

PageSetupDlgW
ChooseColorA

setupapi

SetupBackupErrorA

kernel32

GetTapeStatus
DeleteTimerQueue
GetFirmwareEnvironmentVariableA
CreateThread
lstrlenA
GetModuleFileNameA
SetFirmwareEnvironmentVariableA
GetCommandLineA
GetModuleHandleA
HeapWalk

imm32

ImmDestroyContext

ole32

HMENU_UserUnmarshal

msvcrt

memcpy
wcstoul
isalnum

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HunyjzY
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

:EA?PHuF
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

%u_^
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

;4H;
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01ece61e4ccf11d7b346e3e7d3e9f105

Headers

File Characteristics

Imports

user32

urlmon

pdh

ntdsapi

comdlg32

setupapi

kernel32

imm32

ole32

msvcrt

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 268KB

DATA Size: 196KB - Virtual size: 195KB

HunyjzY Size: 16KB - Virtual size: 12KB

:EA?PHuF Size: 16KB - Virtual size: 15KB

%u_^ Size: 36KB - Virtual size: 32KB

;4H; Size: 28KB - Virtual size: 27KB

.crt Size: 12KB - Virtual size: 9KB

.rsrc Size: 68KB - Virtual size: 64KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 268KB

DATA
Size: 196KB - Virtual size: 195KB

HunyjzY
Size: 16KB - Virtual size: 12KB

:EA?PHuF
Size: 16KB - Virtual size: 15KB

%u_^
Size: 36KB - Virtual size: 32KB

;4H;
Size: 28KB - Virtual size: 27KB

.crt
Size: 12KB - Virtual size: 9KB

.rsrc
Size: 68KB - Virtual size: 64KB