Static task: static1
Behavioral task: behavioral1
  Sample: 9e3093bd14943e2377f366bed3ef152028ad437deb37764581995dccd4e0b465.exe
  Resource: win7-20221111-en
Behavioral task: behavioral2
  Sample: 9e3093bd14943e2377f366bed3ef152028ad437deb37764581995dccd4e0b465.exe
  Resource: win10v2004-20221111-en
General
Target: 9e3093bd14943e2377f366bed3ef152028ad437deb37764581995dccd4e0b465
Size: 209KB
MD5: d960e0563aa47b856beb03a07be9e2f4
SHA1: 3975a52e3a27c8a2fefbc56744dc675130913091
SHA256: 9e3093bd14943e2377f366bed3ef152028ad437deb37764581995dccd4e0b465
SHA512: 0ade6894227e1004f6073218173a200f78c2aaaf4c473a808b69c99cc119922b86148570f8264033e11964cfc9b1b272646e04c48ed65751874fba5290b4cacf
SSDEEP: 6144:P3S2oX3HsHxuB7/rVRNNKkanUV2l5l5zA:vmMur/HV2zI
Malware Config
Signatures
Files
9e3093bd14943e2377f366bed3ef152028ad437deb37764581995dccd4e0b465.exe windows x86
5630ec6f87ea61ebd871b3e84cd15c90
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindFirstVolumeMountPointA
FindFirstVolumeMountPointW
FlushFileBuffers
FlushInstructionCache
GetACP
GetAtomNameA
GetComputerNameA
GetComputerNameExW
GetConsoleAliasW
GetConsoleCursorInfo
GetConsoleFontSize
GetConsoleScreenBufferInfo
GetCurrencyFormatW
GetDriveTypeW
GetEnvironmentStrings
GetFileAttributesExW
GetFullPathNameA
GetLastError
GetLocalTime
GetLogicalDrives
GetModuleFileNameW
GetNumberOfConsoleInputEvents
GetPrivateProfileSectionNamesA
GetProcessPriorityBoost
GetStartupInfoA
GetStringTypeExA
GetTimeZoneInformation
GetUserDefaultLCID
GetVolumeNameForVolumeMountPointA
GlobalFree
GlobalMemoryStatus
GlobalUnlock
Heap32ListNext
Heap32Next
HeapAlloc
InterlockedExchangeAdd
InterlockedIncrement
IsBadReadPtr
EnumSystemCodePagesA
IsValidCodePage
IsValidLanguageGroup
LocalFileTimeToFileTime
MoveFileWithProgressA
MoveFileWithProgressW
MulDiv
OpenSemaphoreW
QueryDosDeviceA
RaiseException
ReadConsoleA
ReadConsoleOutputW
ResetEvent
RtlFillMemory
RtlMoveMemory
SetCalendarInfoA
SetConsoleCP
SetConsoleScreenBufferSize
SetConsoleTitleW
SetLocaleInfoW
SetProcessWorkingSetSize
SetThreadContext
SetThreadLocale
SetTimeZoneInformation
SleepEx
UpdateResourceW
WaitForMultipleObjects
WaitForMultipleObjectsEx
WaitNamedPipeA
WriteConsoleA
WriteConsoleOutputAttribute
WriteConsoleOutputCharacterW
WriteFileGather
WriteProfileSectionW
_hread
lstrcmp
lstrcpyA
EnumLanguageGroupLocalesA
EnumDateFormatsA
EnumCalendarInfoA
EnterCriticalSection
CreateFileW
DosDateTimeToFileTime
DisableThreadLibraryCalls
DeleteVolumeMountPointA
DeleteCriticalSection
DefineDosDeviceA
DebugActiveProcess
CreateNamedPipeA
CreateHardLinkW
CreateHardLinkA
CreateConsoleScreenBuffer
ClearCommError
ClearCommBreak
VirtualAlloc
GetWindowsDirectoryW
lstrlenW
lstrcpyW
IsBadStringPtrW
user32
wvsprintfW
WindowFromPoint
WindowFromDC
WaitMessage
UnloadKeyboardLayout
UnionRect
TranslateAccelerator
TrackPopupMenuEx
ToUnicodeEx
ToAsciiEx
SetWindowTextA
LoadIconA
AnimateWindow
AppendMenuA
AttachThreadInput
ChangeDisplaySettingsExW
CharNextExA
CharPrevW
CharToOemW
CharUpperW
CheckDlgButton
ClipCursor
CopyRect
DdeAddData
DdeDisconnect
DdeEnableCallback
DdeUninitialize
DlgDirSelectExW
EmptyClipboard
EnableScrollBar
EnableWindow
EndDeferWindowPos
EnumClipboardFormats
EnumDesktopsA
FindWindowExW
GetClassInfoExA
GetClassLongA
GetClipboardOwner
GetCursorInfo
GetDlgItemTextW
GetGuiResources
GetInputState
GetKeyNameTextW
GetKeyState
GetKeyboardType
GetMenuItemInfoA
GetMenuState
GetMessagePos
GetParent
GetScrollInfo
GetScrollRange
GetSystemMetrics
GetTabbedTextExtentA
GetWindowContextHelpId
GrayStringA
IMPGetIMEW
IMPQueryIMEA
InsertMenuItemW
InsertMenuW
InvalidateRgn
IsCharLowerA
IsClipboardFormatAvailable
IsDialogMessageW
IsRectEmpty
LoadCursorA
LoadImageA
LoadKeyboardLayoutW
LoadMenuIndirectA
LookupIconIdFromDirectoryEx
MapWindowPoints
MessageBoxIndirectA
MessageBoxW
MonitorFromRect
NotifyWinEvent
OemToCharA
OpenClipboard
RealChildWindowFromPoint
ReleaseCapture
RemovePropA
ReplyMessage
ScrollWindow
SendDlgItemMessageW
SendIMEMessageExA
SendMessageA
SendNotifyMessageA
SetCaretPos
SetClassLongW
SetCursor
SetForegroundWindow
SetKeyboardState
SetMenu
SetMenuDefaultItem
SetMessageExtraInfo
SetRect
SetSysColors
comdlg32
ReplaceTextW
ReplaceTextA
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
ChooseColorA
ChooseColorW
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
GetFileTitleA
GetFileTitleW
GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA
advapi32
RegOpenKeyExA
ole32
WdtpInterfacePointer_UserFree
UtConvertDvtd32toDvtd16
UpdateDCOMSettings
StringFromIID
StringFromCLSID
StgSetTimes
StgPropertyLengthAsVariant
StgOpenStorageOnILockBytes
StgOpenStorage
StgCreateStorageEx
SetConvertStg
STGMEDIUM_UserSize
SNB_UserSize
ReleaseStgMedium
RegisterDragDrop
ReadOleStg
ProgIDFromCLSID
OleUninitialize
OleRegEnumVerbs
OleRegEnumFormatEtc
OleQueryLinkFromData
OleMetafilePictFromIconAndLabel
OleInitialize
OleCreateLinkFromDataEx
OleCreateLinkEx
OleCreateLink
OleCreateFromFileEx
OleCreateFromDataEx
OleCreateFromData
MkParseDisplayName
IsEqualGUID
HkOleRegisterObject
HWND_UserSize
HWND_UserFree
HPALETTE_UserFree
HMENU_UserFree
HICON_UserSize
HGLOBAL_UserMarshal
HBRUSH_UserSize
HBITMAP_UserMarshal
HACCEL_UserFree
GetHGlobalFromStream
GetHGlobalFromILockBytes
GetClassFile
DoDragDrop
DllGetClassObjectWOW
CreateStreamOnHGlobal
CreateOleAdviseHolder
CreateILockBytesOnHGlobal
CreateGenericComposite
CreateDataAdviseHolder
CreateAntiMoniker
CoWaitForMultipleHandles
CoUnmarshalHresult
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoSuspendClassObjects
CoSetProxyBlanket
CoRevokeMallocSpy
CoRevokeClassObject
CoRevertToSelf
CoResumeClassObjects
CoReleaseMarshalData
CoRegisterMallocSpy
CoMarshalHresult
CoLoadLibrary
CoIsOle1Class
CoIsHandlerConnected
CoInstall
CoGetObjectContext
CoGetClassVersion
CoGetCallContext
CoFreeAllLibraries
CoDosDateTimeToFileTime
CoDisconnectObject
CoDisableCallCancellation
CoCopyProxy
CoAddRefServerProcess
CLSIDFromString
CLSIDFromProgID
CLIPFORMAT_UserFree
BindMoniker
StringFromGUID2
oleaut32
VarI1FromUI4
VarI1FromUI2
VarI1FromI4
VarI1FromDec
VarI1FromCy
VarFix
VarDecFromUI2
VarDecFromStr
VarDecFromCy
VarDecFromBool
VarDecFix
VarDateFromUI4
VarDateFromUI2
VarDateFromR4
VarDateFromI2
VarDateFromDisp
VarDateFromDec
VarCySu
VarCyRound
VarCyFromUI2
VarCyFromStr
VarCyFromR4
VarCyFromI4
VarCyFromDisp
VarCyFromDec
VarCyFromDate
VarCyFromBool
VarCyFix
VarCmp
VarBstrFromUI4
VarBstrFromUI2
VarBstrFromUI1
VarBstrFromI1
VarBoolFromUI1
VarBoolFromI4
VarBoolFromDec
VarBoolFromDate
VarAnd
VARIANT_UserSize
VARIANT_UserMarshal
SysStringLen
SysAllocStringByteLen
SafeArrayUnlock
SafeArrayGetIID
SafeArrayGetElemsize
SafeArrayDestroy
SafeArrayCreateVectorEx
SafeArrayCreateVector
SafeArrayCreateEx
SafeArrayCopyData
OleLoadPictureFileEx
OleLoadPictureFile
OleCreatePropertyFrameIndirect
OleCreatePropertyFrame
OleCreateFontIndirect
LoadTypeLibEx
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_Unmarshal
LPSAFEARRAY_Size
DispInvoke
DispCallFunc
ClearCustData
VarI2FromBool
VarI2FromDisp
VarI2FromR4
VarI2FromR8
VarI4FromUI4
VarIdiv
VarR4FromI1
VarR4FromI4
VarR8FromCy
VarR8FromDate
VarR8FromDec
VarR8Round
VarUI1FromCy
VarUI1FromDisp
VarUI1FromStr
VarUI2FromCy
VarUI2FromDate
VarUI2FromI4
VarUI4FromR4
VariantCopy
VariantTimeToSystemTime
VarUI2FromDisp
Sections
.text Size: 198KB - Virtual size: 197KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 188B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ