b9c07a95c693fb2c88f422d4d3d406c4d4fc090d0a513b4226b36f51ea8e3b7f

Sharing

Copy URL

Twitter E-mail

General

Target

b9c07a95c693fb2c88f422d4d3d406c4d4fc090d0a513b4226b36f51ea8e3b7f
Size

607KB
MD5

1e1b979bceba94ccf9400417f641fb60
SHA1

c44deeed63967c5ffdebc820ae9aad4dbd034841
SHA256

b9c07a95c693fb2c88f422d4d3d406c4d4fc090d0a513b4226b36f51ea8e3b7f
SHA512

37d78e7cb814cfb892b96318d11f4c7d822b053a27beec2e7d72d5ebe0f82fc531b557085e265a05f5ad14729be098881195f6f266f29ce569dab10d61f9cea0
SSDEEP

12288:+D1CM8SDvMmu1y1vqakqWrMz+jfdiMHkPJCuQ6SgUH7J:fM/vMmiFqdz+bdiukPJm6NUV

Score

N/A

Malware Config

Signatures

Files

b9c07a95c693fb2c88f422d4d3d406c4d4fc090d0a513b4226b36f51ea8e3b7f
.exe windows x86

708c3d2f10c684c5e90a3b0e7f80d477

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFolderPathW
ord155
SHGetPathFromIDListW
SHGetFolderLocation
ShellExecuteExW
ShellExecuteW
CommandLineToArgvW

kernel32

ResumeThread
InterlockedCompareExchange
VirtualQuery
LoadLibraryA
SetEvent
SetFilePointer
GetModuleHandleA
GetNativeSystemInfo
VirtualProtect
IsWow64Process
GetProcessTimes
FileTimeToDosDateTime
lstrlenA
LocalAlloc
DeviceIoControl
CreateFileA
lstrcpyA
SetThreadContext
GetThreadContext
GetSystemDirectoryA
lstrcatA
CopyFileA
GlobalAlloc
GlobalFree
ExitProcess
GetCommandLineW
DeleteFileW
MultiByteToWideChar
WideCharToMultiByte
FindClose
GetShortPathNameW
RemoveDirectoryW
GetFileSize
ReadFile
WriteFile
GetProcAddress
GetModuleHandleW
GetVersionExW
GetCurrentProcess
OpenProcess
GetTickCount
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
InterlockedIncrement
GetCurrentProcessId
CreateProcessW
WaitForMultipleObjects
WaitForSingleObject
GetTempPathW
Process32FirstW
Process32NextW
GetProcessId
TerminateProcess
CopyFileW
CreateMutexA
CreateMutexW
ReadProcessMemory
GetLongPathNameW
LocalFree
FindResourceW
LoadResource
SizeofResource
SetFileAttributesW
LoadLibraryW
GetStdHandle
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
CreateEventW
GetCurrentThreadId
SetUnhandledExceptionFilter
UnmapViewOfFile
FileTimeToLocalFileTime
GetLocalTime
ExpandEnvironmentStringsW
GetSystemInfo
GlobalMemoryStatusEx
GetSystemTimeAsFileTime
GetFileAttributesExW
FlushInstructionCache
EnterCriticalSection
LeaveCriticalSection
SetLastError
GetFullPathNameA
FreeLibrary
MoveFileExW
IsDebuggerPresent
OutputDebugStringW
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
GetStringTypeW
EncodePointer
GetCPInfo
RtlUnwind
UnhandledExceptionFilter
Sleep
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetModuleHandleExW
IsValidCodePage
GetACP
GetOEMCP
GetFileType
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
LoadLibraryExW
ReadConsoleW
SetStdHandle
WriteConsoleW
SetEndOfFile
SetEnvironmentVariableA
CreateThread
CloseHandle
GetFileSizeEx
CreateFileW
FindNextFileW
FindFirstFileW
GetModuleFileNameW
DecodePointer
HeapSize
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
RaiseException
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
CreateToolhelp32Snapshot
TlsAlloc

user32

LoadIconW
LoadCursorW
GetClassInfoExW
RegisterClassExW
OffsetRect
PostQuitMessage
SetWindowTextW
LoadImageW
ReleaseCapture
SetCapture
SetFocus
GetFocus
PtInRect
ScreenToClient
GetCursorPos
IsWindow
wsprintfA
GetSystemMetrics
wsprintfW
LoadStringW
UnregisterClassW
GetMessageW
TranslateMessage
DispatchMessageW
CreateWindowExW
GetWindowLongW
DefWindowProcW
CallWindowProcW
SetWindowPos
MapWindowPoints
GetClientRect
GetParent
GetWindowRect
CreateIconFromResourceEx
GetIconInfo
IsCharAlphaNumericW
EnumChildWindows
EnumWindows
GetClassNameW
GetWindowTextW
GetWindowThreadProcessId
IsWindowVisible
SystemParametersInfoW
GetWindow
ShowWindow
UpdateLayeredWindow
BringWindowToTop
PostMessageW
SendMessageW
SetTimer
GetDC
BeginPaint
EndPaint
FillRect
SetWindowLongW
KillTimer
DestroyWindow
DestroyIcon
MessageBoxW
FindWindowW

oleaut32

SysFreeString
SysAllocString
VariantClear
VarBstrCmp

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

shlwapi

SHGetValueA
SHSetValueA
PathCanonicalizeW
SHGetValueW
PathFileExistsW
StrCmpIW

imm32

ImmSetCandidateWindow
ImmReleaseContext
ImmGetContext
ImmGetCompositionStringW
ImmAssociateContextEx
ImmSetOpenStatus

wininet

InternetWriteFile
InternetOpenW
InternetReadFile
HttpOpenRequestA
HttpSendRequestExW
HttpEndRequestW
HttpSendRequestA
HttpAddRequestHeadersA
InternetOpenA
InternetCloseHandle
InternetConnectA

psapi

EnumProcessModules
GetModuleFileNameExW
GetProcessMemoryInfo
GetModuleInformation

gdi32

GdiFlush
GetBitmapBits
GetObjectW
CreateDIBSection
SelectObject
DeleteObject
CreateCompatibleDC
CreateRectRgn
SelectClipRgn
CreateSolidBrush

advapi32

RegQueryInfoKeyW
RegQueryValueExW
RegEnumKeyW
RegSetValueExW
RegCreateKeyW
RegDeleteKeyW
RegDeleteValueW
GetUserNameW
OpenProcessToken
DuplicateToken
MapGenericMask
GetFileSecurityW
AccessCheck
SetSecurityDescriptorDacl
RegCloseKey
InitializeSecurityDescriptor
SetEntriesInAclW
FreeSid
CheckTokenMembership
CryptGetKeyParam
CryptReleaseContext
CryptDestroyKey
CryptEncrypt
CryptSetKeyParam
CryptImportKey
CryptAcquireContextW
RegEnumValueW
AllocateAndInitializeSid
RegOpenKeyExW

ole32

CoInitialize
CoCreateInstance

ws2_32

WSAStartup

dbghelp

MiniDumpWriteDump

Sections

.text
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 230KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

708c3d2f10c684c5e90a3b0e7f80d477

Headers

DLL Characteristics

File Characteristics

Imports

shell32

kernel32

user32

oleaut32

version

shlwapi

imm32

wininet

psapi

gdi32

advapi32

ole32

ws2_32

dbghelp

Sections

.text Size: 276KB - Virtual size: 275KB

.rdata Size: 81KB - Virtual size: 81KB

.data Size: 10KB - Virtual size: 20KB

.rsrc Size: 230KB - Virtual size: 232KB

.text
Size: 276KB - Virtual size: 275KB

.rdata
Size: 81KB - Virtual size: 81KB

.data
Size: 10KB - Virtual size: 20KB

.rsrc
Size: 230KB - Virtual size: 232KB