e9773b401443adb1f52f914fb9cb552090aafdbb835eb06534710122a584ca35

Sharing

Copy URL Twitter E-mail

General

Target

e9773b401443adb1f52f914fb9cb552090aafdbb835eb06534710122a584ca35
Size

168KB
MD5

0241fbbd8e7258823a06c29cf2153d10
SHA1

5d21fb6e7660de683866b7f5ae857b9d6e6afdd4
SHA256

e9773b401443adb1f52f914fb9cb552090aafdbb835eb06534710122a584ca35
SHA512

8c23d3fcccbb121cbc81601f7d83c0eb817b09dbc898f82df6f14cd69100221f265ac88ec8c563777584ea90fe69ecb024e1e880f0a221346b38cb36759fd115
SSDEEP

3072:lWc2besP0S4n+xWuvY0i2nEZxJpWOwzUR5IrCYNsG5d3drafA45Ym5v:lr2E9/2EmOwy5o1tra4jm

Score

N/A

Malware Config

Signatures

Files

e9773b401443adb1f52f914fb9cb552090aafdbb835eb06534710122a584ca35
.exe windows x86

928f51591c42fb89f72c170e8d7fb150

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

PropertySheetA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

GetTimeFormatA
lstrcpyA
GetExitCodeProcess
OpenProcess
ReleaseMutex
CreateProcessA
CreateMutexA
SetErrorMode
GetVersionExA
InterlockedExchangeAdd
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetSystemInfo
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
VirtualAlloc
VirtualFree
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
GetDateFormatA
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange
GetVersion
GetCurrentProcess
lstrcmpA
lstrlenA
LocalAlloc
FreeLibrary
GetEnvironmentVariableA
LoadLibraryA
GetProcAddress
FindNextFileA
FindFirstFileA
FindClose
GetLastError
CloseHandle
WaitForSingleObject
CreateEventA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetModuleFileNameA
Sleep
LocalFree
SetUnhandledExceptionFilter
FormatMessageA
SetEvent

user32

CharUpperBuffA
ShowWindow
SetWindowLongA
WinHelpA
LoadStringA
SendMessageA
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
GetWindowThreadProcessId
MessageBoxA
DestroyWindow
GetSystemMenu
DeleteMenu
AppendMenuA
DestroyMenu
PostQuitMessage
GetDlgItem
SetForegroundWindow
CreatePopupMenu
SetMenuDefaultItem
GetCursorPos
TrackPopupMenu
FindWindowA
PostMessageA
SetFocus
DefWindowProcA
LoadImageA
SetClassLongA
DestroyIcon
GetWindowLongA
SetDlgItemInt
SetDlgItemTextA
CharLowerBuffA

gdi32

GetStockObject

advapi32

QueryServiceStatus
ReportEventA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
StartServiceCtrlDispatcherA
RegisterEventSourceA
StartServiceA
RegisterServiceCtrlHandlerA
CloseServiceHandle
SetServiceStatus
OpenSCManagerA
OpenServiceA
ControlService
DeregisterEventSource

shell32

Shell_NotifyIconA

fbclient

ord42
ord1
ord79

msvcr80

_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_invoke_watson
_controlfp_s
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
_strnicmp
__getmainargs
sprintf
strrchr
_localtime64
_time64
__CxxFrameHandler3
strncpy
malloc
memset
memcpy
free
abort
memmove
fprintf
fclose
fopen
_CxxThrowException
strchr
feof
getc
_vsnprintf
_purecall
_access
atoi
strncmp
_unlock
_encode_pointer
__dllonexit
_lock
_onexit
_decode_pointer
_amsg_exit

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

=�
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

928f51591c42fb89f72c170e8d7fb150

Headers

File Characteristics

Imports

comctl32

version

kernel32

user32

gdi32

advapi32

shell32

fbclient

msvcr80

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 8KB - Virtual size: 6KB

=� Size: 88KB - Virtual size: 88KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 8KB - Virtual size: 6KB

=�
Size: 88KB - Virtual size: 88KB