9b2a5373a25c5d36dd4cc58971f98936ce357594d7e956fe2b56bd8e234fbfd9

Sharing

Copy URL

Twitter E-mail

General

Target

9b2a5373a25c5d36dd4cc58971f98936ce357594d7e956fe2b56bd8e234fbfd9
Size

320KB
MD5

28fbbba947c287c8c54a1a0661f1f8f0
SHA1

0a460181f0ff38a7cccabc5aa76a98552a2cf583
SHA256

9b2a5373a25c5d36dd4cc58971f98936ce357594d7e956fe2b56bd8e234fbfd9
SHA512

b6df08017813a65589ce2c9915ec731538719c7ee8c436d8c2055a5931e6da2948a1a13a0d199e439a4659aff4622f66bedaa4042a701131df18983f82848dd9
SSDEEP

6144:2IWKjeZWv2/NcljdMVCkW+OHuJefmJH13OP6KR/e6rWplrhweckRaBHcx:2+jeZWuA24+OOcfm7OP6KRW66Dacx

Score

N/A

Malware Config

Signatures

Files

9b2a5373a25c5d36dd4cc58971f98936ce357594d7e956fe2b56bd8e234fbfd9
.exe windows x86

db03859114edd67607410c1b75ce7fef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
GetLargestConsoleWindowSize
VirtualUnlock
GetModuleFileNameW
SetEndOfFile
FatalAppExitA
CreateFileW
CreateDirectoryExA
CreateIoCompletionPort
DeleteCriticalSection
BackupWrite
SetConsoleMode
IsBadWritePtr
FormatMessageW
SearchPathW
GetAtomNameW
ReadDirectoryChangesW
FoldStringW
FindNextFileW
DuplicateHandle
SuspendThread
IsValidCodePage
BackupRead
GetTempPathW
GetPrivateProfileSectionW
CreateNamedPipeW
GlobalHandle
OpenFileMappingW
lstrcpyA
GetWindowsDirectoryA
GetPrivateProfileStringW
FindFirstFileA
IsBadStringPtrA
LocalReAlloc
GetModuleFileNameA
EnumCalendarInfoA
GetEnvironmentVariableW
GetSystemDefaultLangID
GetConsoleTitleW
GetEnvironmentStrings
CreateWaitableTimerW
TryEnterCriticalSection
_llseek
SetCommBreak
PulseEvent
WriteConsoleInputW
ResetEvent
SetCommTimeouts
GetLogicalDrives
SizeofResource
EnumResourceLanguagesA
HeapFree
WritePrivateProfileStringA
LocalLock
GetStringTypeExA
GlobalAlloc
GetNumberFormatW
InitializeCriticalSection
GetPrivateProfileIntW
GetUserDefaultLangID
DeleteAtom
WaitForSingleObjectEx
ExitProcess
OpenSemaphoreA
SetupComm
EnumResourceLanguagesW
GetLongPathNameW
MoveFileA
_lwrite
TlsGetValue
CreateFiber
HeapValidate
VirtualProtect
GetModuleHandleA
FillConsoleOutputCharacterW
SetCurrentDirectoryW
GetStartupInfoA
OpenEventW
WriteConsoleW
TlsSetValue
BackupSeek
GetFileTime
GetCurrentThreadId
LocalAlloc
GetThreadContext
GetCommandLineW
GetDiskFreeSpaceA
SetCurrentDirectoryA
FreeEnvironmentStringsW
TerminateProcess
GetTempFileNameW
GetProfileIntW
GetDiskFreeSpaceExA
WriteFile
Beep
FreeEnvironmentStringsA
SetCommState
GetCurrentProcess
CallNamedPipeA
GetVersionExA

user32

IsCharLowerW
CloseWindow
CreateDesktopA
OemKeyScan
EnumDisplaySettingsExW
CreateCursor
DestroyAcceleratorTable
ReleaseDC
UnregisterClassA
EnumChildWindows
SetMenuInfo
GetThreadDesktop
SubtractRect
InsertMenuItemW
SetWindowWord
ChangeDisplaySettingsA
KillTimer
SetParent
CreateMenu
DrawMenuBar
RegisterDeviceNotificationW
CascadeWindows
DestroyMenu
LoadKeyboardLayoutA
EnumDisplayDevicesA
GetParent
ScrollWindowEx

gdi32

GetTextAlign
RealizePalette
GetDIBits
TextOutA
EnumMetaFile
GetWinMetaFileBits
CreateFontIndirectA
GetRgnBox

comdlg32

GetSaveFileNameW

advapi32

InitiateSystemShutdownW
OpenSCManagerW
CryptGenRandom
IsValidAcl
CopySid
SetSecurityInfo
GetCurrentHwProfileW
CryptGetUserKey
RegQueryInfoKeyA
SetSecurityDescriptorOwner
GetFileSecurityW
ReportEventW
SetTokenInformation

shell32

Shell_NotifyIconW

ole32

CoAddRefServerProcess
CoLockObjectExternal
StgOpenStorage
DoDragDrop
CreateOleAdviseHolder
CoInitializeEx
CreateItemMoniker
ReadFmtUserTypeStg

oleaut32

SafeArrayRedim
SafeArrayGetElement
VariantChangeType
SafeArrayUnaccessData
VariantInit
RegisterTypeLi
SafeArrayCreateVector
SetErrorInfo
SafeArrayCreate
LoadTypeLibEx

comctl32

_TrackMouseEvent

shlwapi

PathCommonPrefixW
PathCanonicalizeW
wvnsprintfW
SHQueryValueExW
PathFindFileNameA
PathAppendW

setupapi

SetupDiOpenDevRegKey
SetupGetTargetPathW

msvcrt

__p__fmode
__getmainargs
_acmdln
exit
_XcptFilter
_exit
__setusermatherr
_adjust_fdiv
__p__commode
_initterm
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 288KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

db03859114edd67607410c1b75ce7fef

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

msvcrt

Sections

.text Size: 288KB - Virtual size: 284KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 20KB - Virtual size: 16KB

.text
Size: 288KB - Virtual size: 284KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 20KB - Virtual size: 16KB