d9e6576999590a102f1ddca6a0dd3a036ceb8556d963f898303bea5ea5a86240

Sharing

Copy URL Twitter E-mail

General

Target

d9e6576999590a102f1ddca6a0dd3a036ceb8556d963f898303bea5ea5a86240
Size

375KB
MD5

2173300e575727df6bb162976d61aba1
SHA1

77b704d2d95d8a123d55f14473ca61b60301ff02
SHA256

d9e6576999590a102f1ddca6a0dd3a036ceb8556d963f898303bea5ea5a86240
SHA512

e6a99458fe5690d6b406f97dc1350c9c96d4435c7b24d4e5eda78b25bd0492d61d458cb82c66328bdf83cc043d2cb4de11f8736ff9aee93f8d46378cd1d7722d
SSDEEP

6144:zC0zjNylx2GPfRoSedd2iGMoNqvL3lQSOCRdi6zAL2PXU9iQv9OQF7HF6dHwV2M:zdI2GfePuqvL1/BRdJzF+9Ow7MRK

Score

N/A

Malware Config

Signatures

Files

d9e6576999590a102f1ddca6a0dd3a036ceb8556d963f898303bea5ea5a86240
.exe windows x86

3ee744a94eb49088ba22c9a7dcaaa5e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

InitializeSecurityDescriptor
CryptVerifySignatureW
CryptContextAddRef
RegReplaceKeyW
CryptGetDefaultProviderW
RegQueryValueExA
CryptSignHashA
RegOpenKeyExW

kernel32

TlsAlloc
ReadFile
SetLastError
UnhandledExceptionFilter
GetCurrentProcess
CreateMutexA
GetCPInfo
WritePrivateProfileStructA
FindNextFileA
GetThreadPriorityBoost
HeapFree
GetSystemTimeAsFileTime
CompareStringW
LoadLibraryA
GetFileType
LCMapStringW
GetStdHandle
SetHandleCount
LCMapStringA
FreeEnvironmentStringsW
IsValidCodePage
HeapDestroy
ExitProcess
LoadLibraryExA
GetOEMCP
ReadConsoleA
RtlUnwind
GetLocalTime
GetModuleFileNameA
GetCurrentThread
DeleteCriticalSection
GetModuleHandleA
GetEnvironmentStrings
GetTimeZoneInformation
TlsGetValue
InterlockedIncrement
GetStringTypeA
GetProcAddress
GetCommandLineA
VirtualQuery
VirtualFree
LeaveCriticalSection
GetPrivateProfileSectionNamesW
VirtualAlloc
FreeEnvironmentStringsA
SetStdHandle
GetEnvironmentStringsW
EnterCriticalSection
TlsSetValue
CompareStringA
WideCharToMultiByte
SetEnvironmentVariableA
ReleaseSemaphore
InitializeCriticalSection
GetCurrentThreadId
GetTickCount
HeapCreate
OpenMutexA
GetVersion
HeapAlloc
MultiByteToWideChar
TerminateProcess
FlushFileBuffers
GetCurrentProcessId
WriteFile
GetSystemTime
InterlockedExchange
GetStartupInfoA
QueryPerformanceCounter
GetLastError
IsBadWritePtr
HeapReAlloc
TlsFree
CloseHandle
GetCalendarInfoA
GetACP
InterlockedDecrement
SetFilePointer
GetStringTypeW

wininet

InternetConnectW
ShowSecurityInfo
InternetWriteFileExA

user32

DestroyWindow
MsgWaitForMultipleObjectsEx
ImpersonateDdeClientWindow
ShowCaret
EnumThreadWindows
CreateWindowExW
IsCharAlphaW
GetTabbedTextExtentW
CharPrevA
OpenWindowStationW
SwitchToThisWindow
IsDlgButtonChecked
RegisterWindowMessageW
DefWindowProcW
ShowWindow
RegisterClassA
CopyImage
RegisterClassExA
DlgDirListComboBoxA
DdeConnect
AttachThreadInput
ChangeDisplaySettingsExA
MessageBoxW
KillTimer

comctl32

DrawStatusTextW
CreateUpDownControl
ImageList_SetBkColor
CreateToolbar
ImageList_EndDrag
ImageList_AddMasked
ImageList_LoadImageW
ImageList_DrawEx
ImageList_DragMove
InitCommonControlsEx
GetEffectiveClientRect
MakeDragList
DrawInsert

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 77KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ee744a94eb49088ba22c9a7dcaaa5e2

Headers

File Characteristics

Imports

advapi32

kernel32

wininet

user32

comctl32

Sections

.text Size: 152KB - Virtual size: 151KB

.rdata Size: 77KB - Virtual size: 104KB

.data Size: 93KB - Virtual size: 93KB

.rsrc Size: 51KB - Virtual size: 51KB

.text
Size: 152KB - Virtual size: 151KB

.rdata
Size: 77KB - Virtual size: 104KB

.data
Size: 93KB - Virtual size: 93KB

.rsrc
Size: 51KB - Virtual size: 51KB