9a2aaa4e13e7de8cc43635692713a1cc93d84412e5745cd2bd2a90c5d10c0117

Sharing

Copy URL

Twitter E-mail

General

Target

9a2aaa4e13e7de8cc43635692713a1cc93d84412e5745cd2bd2a90c5d10c0117
Size

4.6MB
MD5

6be2684284b3812ca845422cbbb46b8e
SHA1

4fa46e361d16c889ad0fd4b5403508fb7f06c289
SHA256

9a2aaa4e13e7de8cc43635692713a1cc93d84412e5745cd2bd2a90c5d10c0117
SHA512

acf16e65939a1b219447fc564785c97ac1dbe63dec68c045ab28fcf1cd01da38727f9e0d9ca73a3ccb0e2618b68ccb7a3c85f03a97dfb5492422f0b0afaea4aa
SSDEEP

98304:IB5ZQZz8FK10bOlT84AkxqYmZHj3E7vqiVDBXptM+cD:o5eHAkxAuNVRoD

Score

N/A

Malware Config

Signatures

Files

9a2aaa4e13e7de8cc43635692713a1cc93d84412e5745cd2bd2a90c5d10c0117
.exe windows x86

6e7a8631427a95146418b9180d800024

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetTempPathA
CloseHandle
GetFileAttributesA
SystemTimeToFileTime
GetCurrentProcess
WideCharToMultiByte
MultiByteToWideChar
ExitProcess
GetProcessHeap
HeapAlloc
HeapFree
CreateMutexA
GetModuleHandleExW
LoadLibraryA
GetLastError
InterlockedCompareExchange
SetLastError
DisableThreadLibraryCalls
GetModuleHandleA
GetVersionExA
DeleteCriticalSection
LocalFileTimeToFileTime
WaitForSingleObject
FileTimeToSystemTime
VirtualAlloc
VirtualFree
GetProcAddress
ExitThread
RemoveDirectoryA
GetTickCount
ReadFile
GetCurrentThread
HeapReAlloc
Sleep
ResumeThread
WriteConsoleW
CreateFileW
GetConsoleCP
FlushFileBuffers
SetStdHandle
LoadLibraryW
OutputDebugStringW
LCMapStringW
LoadLibraryExW
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetEndOfFile
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
RtlUnwind
GetCommandLineA
InterlockedDecrement
AreFileApisANSI
HeapSize
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCurrentThreadId
RaiseException
GetStdHandle
WriteFile
GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
SetFilePointer
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetFileType
GetStartupInfoW
GetStringTypeW
GetModuleFileNameA

advapi32

RegOpenKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyW
RegQueryInfoKeyA

user32

MsgWaitForMultipleObjects
GetWindowTextW
MessageBoxW
DispatchMessageW
GetClientRect
DefWindowProcW
TranslateMessage
SetForegroundWindow
RegisterClassExW
RedrawWindow
SendMessageA
SetWindowPos
RegisterWindowMessageW
UpdateWindow
PostQuitMessage
CreatePopupMenu
LoadIconA
RegisterWindowMessageA
RegisterClassExA
SendMessageW
PeekMessageW
GetParent
BringWindowToTop
LoadIconW
MessageBoxA
TrackPopupMenu
GetSystemMetrics
EnumWindows
SetFocus
GetDesktopWindow
GetWindowRect
PostMessageW

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 125KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e7a8631427a95146418b9180d800024

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 3.0MB - Virtual size: 3.0MB

.data Size: 125KB - Virtual size: 135KB

.rsrc Size: 32KB - Virtual size: 32KB

.reloc Size: 25KB - Virtual size: 24KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 3.0MB - Virtual size: 3.0MB

.data
Size: 125KB - Virtual size: 135KB

.rsrc
Size: 32KB - Virtual size: 32KB

.reloc
Size: 25KB - Virtual size: 24KB