fff9a2d4fb632eca25dc2af1f7d2815b027509d65ac5d6c59f8811550860b3e9

Sharing

Copy URL Twitter E-mail

General

Target

fff9a2d4fb632eca25dc2af1f7d2815b027509d65ac5d6c59f8811550860b3e9
Size

628KB
MD5

ce7f649c1ad48f56df906cc99be5f7e6
SHA1

e448e96cb00d1bc0ebd9af369650892fc96ff84c
SHA256

fff9a2d4fb632eca25dc2af1f7d2815b027509d65ac5d6c59f8811550860b3e9
SHA512

faa186aaf10c7600380641ef8ba22587a0ca512f595622f36ccc95f3b7c29f3f1a1f7502f2edf8402bfd560bf305de4baf0009dbca2b01383adb8b888ffc977c
SSDEEP

12288:BqO7GDJ5K2EYQbNyTcyouEhRDCW5I1PTopO75jv0sF/:4O7GDG2EYmNyQtuM0oAVjvR/

Score

N/A

Malware Config

Signatures

Files

fff9a2d4fb632eca25dc2af1f7d2815b027509d65ac5d6c59f8811550860b3e9
.exe windows x86

51788d54a8d14b729482cb72c4a8ee71

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
GetLocaleInfoW
Sleep
EnumDateFormatsA
WideCharToMultiByte
GetLastError
HeapDestroy
VirtualAlloc
WriteConsoleW
CreateMutexA
FindNextChangeNotification
HeapSize
GetStartupInfoA
WriteConsoleA
DeleteCriticalSection
GetVersionExA
InterlockedExchange
FreeEnvironmentStringsW
WriteFile
TerminateProcess
GetCommandLineA
HeapLock
LCMapStringW
TlsSetValue
GetStdHandle
SetEvent
GetCurrentProcess
GetProcAddress
DeleteFileW
HeapCreate
GetFileAttributesW
ExitProcess
HeapAlloc
FindFirstFileA
GetEnvironmentStringsW
InterlockedIncrement
TlsFree
TlsAlloc
CreateFileA
SetFilePointer
EnterCriticalSection
GetTimeFormatA
GetCurrentThread
GetUserDefaultLCID
GetTimeZoneInformation
GetStringTypeW
IsValidCodePage
InterlockedDecrement
GetAtomNameW
LoadLibraryA
GetLogicalDriveStringsW
InitializeCriticalSection
EnumSystemLocalesA
GetConsoleCP
SetHandleCount
WritePrivateProfileStringA
GetProfileStringW
GetExitCodeProcess
SetUnhandledExceptionFilter
IsValidLocale
HeapFree
FreeEnvironmentStringsA
UnhandledExceptionFilter
FlushFileBuffers
FreeLibrary
ReadConsoleOutputAttribute
QueryPerformanceCounter
GetModuleHandleA
ReadFile
CompareStringW
GetConsoleOutputCP
GetOEMCP
EnumSystemCodePagesA
CompareStringA
GetEnvironmentStrings
GetFileType
OpenMutexA
GetCurrentThreadId
CloseHandle
GetStringTypeA
SetConsoleCtrlHandler
MultiByteToWideChar
HeapReAlloc
RtlZeroMemory
GetSystemTimeAsFileTime
GetConsoleMode
FindResourceW
GetLocaleInfoA
WaitForMultipleObjects
GetACP
LeaveCriticalSection
GetCurrentProcessId
GetModuleFileNameA
GetExitCodeThread
SetEnvironmentVariableA
GetCPInfo
GlobalAlloc
GetSystemDefaultLangID
GetTickCount
lstrlenW
VirtualFree
SetLastError
GetProcessHeap
IsDebuggerPresent
TlsGetValue
SetStdHandle
GetDateFormatA
VirtualQuery
LCMapStringA

comctl32

ImageList_SetDragCursorImage
DrawInsert
ImageList_GetIconSize
ImageList_Draw
CreateUpDownControl
ImageList_ReplaceIcon
ImageList_EndDrag
InitCommonControlsEx
ImageList_Read
CreatePropertySheetPage
_TrackMouseEvent
CreateToolbar
ImageList_Add

user32

EnumDisplayDevicesW
DialogBoxIndirectParamW
DefMDIChildProcA
RegisterClassA
DefWindowProcA
GetMenuItemInfoA
WaitMessage
CreateCaret
RegisterClassExA
CharLowerW
WinHelpW
DdeConnect
SetMenuItemInfoW
GetMessageW
GetGUIThreadInfo
DdeAbandonTransaction
GetWindowPlacement
SendInput
IsCharLowerA
EnumDisplayMonitors
DdeQueryStringW
CharUpperBuffW
IsCharAlphaNumericA
GetUpdateRect
DestroyIcon
CharLowerBuffW
SubtractRect
DialogBoxParamA
CreateWindowExW
CharPrevW
SetClassWord
MapWindowPoints
DdeReconnect
SetWindowPlacement
GetInputDesktop
UnregisterClassA
RealGetWindowClass
GetMonitorInfoW
GrayStringA
SetMenu
GetKBCodePage
ShowWindow
DragObject
TrackMouseEvent
IsCharAlphaW
MessageBoxA
DestroyWindow
ChildWindowFromPoint
UnregisterClassW
GetClipboardViewer
GetThreadDesktop

advapi32

LookupPrivilegeValueA
CryptDestroyHash
LookupSecurityDescriptorPartsA
RegCloseKey
RegQueryInfoKeyW
CryptHashData
RevertToSelf
RegQueryValueA
LogonUserA
RegDeleteKeyA
AbortSystemShutdownW
RegCreateKeyW
CryptEncrypt
CryptCreateHash
RegOpenKeyExA
RegOpenKeyA
CryptEnumProviderTypesW
CryptGetDefaultProviderA
RegDeleteValueW

Sections

.text
Size: 192KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

51788d54a8d14b729482cb72c4a8ee71

Headers

File Characteristics

Imports

kernel32

comctl32

user32

advapi32

Sections

.text Size: 192KB - Virtual size: 188KB

.rdata Size: 264KB - Virtual size: 261KB

.data Size: 108KB - Virtual size: 132KB

.rsrc Size: 60KB - Virtual size: 58KB

.text
Size: 192KB - Virtual size: 188KB

.rdata
Size: 264KB - Virtual size: 261KB

.data
Size: 108KB - Virtual size: 132KB

.rsrc
Size: 60KB - Virtual size: 58KB