f9a851422cdc3c72b8bca46ef436e6038627fa199fc31f0ab40974bbbd62d51a

Sharing

Copy URL

Twitter E-mail

General

Target

f9a851422cdc3c72b8bca46ef436e6038627fa199fc31f0ab40974bbbd62d51a
Size

618KB
MD5

2650a9e0048b790df6cb36fcc30be6a0
SHA1

ecad8dd9ea4f86c7688c1169adee62b463ed60b6
SHA256

f9a851422cdc3c72b8bca46ef436e6038627fa199fc31f0ab40974bbbd62d51a
SHA512

5f01bb6fa2c5f66e60a69d8f786488e0cefa7e4470c4414cdfd4a3c5d6d271d07bf93be8cabd8a02cf822300a429cc004e500ea859b9ab2eb79ea7dcc8cdd6ff
SSDEEP

12288:NIra1GSCykUX89vfcO/A+5SzzfcO/FIM9xzLXrn4w0a9MigQcE9RBuPFK:NI2wSCykUXgfcO/azzt/v95XrnzF/c2W

Score

N/A

Malware Config

Signatures

Files

f9a851422cdc3c72b8bca46ef436e6038627fa199fc31f0ab40974bbbd62d51a
.exe windows x64

5e0e94ae048c25f75751961b16596ae0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW

kernel32

LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
FlushInstructionCache
GetCurrentProcess
lstrlenW
GetLastError
LoadLibraryW
GetProcAddress
GetModuleHandleW
lstrcmpiW
GetCurrentThreadId
SetEvent
SetLastError
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
LockResource
FindResourceExW
LocalFree
FormatMessageW
RaiseException
CreateThread
CreateEventW
ReleaseSemaphore
CreateSemaphoreW
EnterCriticalSection
WaitForSingleObjectEx
GetSystemInfo
OutputDebugStringA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetStartupInfoW
Sleep
InterlockedPushEntrySList
VirtualAlloc
InterlockedPopEntrySList
VirtualFree
WideCharToMultiByte
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
CloseHandle

user32

DialogBoxParamW
GetActiveWindow
MessageBoxW
SetWindowLongPtrW
CharNextW
UnregisterClassA
DefWindowProcW
EndDialog
SendMessageW
GetWindowLongW
SetTimer
KillTimer
GetDlgItem
SetWindowPos
MapWindowPoints
GetClientRect
SystemParametersInfoW
GetWindowRect
GetWindow
GetParent
LoadStringW

msvcrt

wcslen
__wgetmainargs
vswprintf_s
_vscwprintf
wcsstr
memmove_s
wcsncpy_s
memcpy_s
free
malloc
__C_specific_handler
memset
??3@YAXPEAX@Z
_XcptFilter
_exit
_cexit
exit
_wcmdln
_initterm
_amsg_exit
__setusermatherr
_fmode
__set_app_type
realloc
_errno
_unlock
memcpy
memcmp
?terminate@@YAXXZ
_onexit
_lock
_purecall
__dllonexit
_commode

ole32

StringFromCLSID
CoInitialize
CLSIDFromString
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoInitializeEx
CoTaskMemAlloc

oleaut32

SysStringLen
SysAllocString
SysAllocStringLen
VarUI4FromStr
SysFreeString

comctl32

InitCommonControlsEx

mfplat

MFHeapAlloc
MFHeapFree

shell32

ShellExecuteW

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 564KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5e0e94ae048c25f75751961b16596ae0

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

msvcrt

ole32

oleaut32

comctl32

mfplat

shell32

Sections

.text Size: 48KB - Virtual size: 47KB

.data Size: 512B - Virtual size: 2KB

.pdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 564KB - Virtual size: 2.5MB

.text
Size: 48KB - Virtual size: 47KB

.data
Size: 512B - Virtual size: 2KB

.pdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 564KB - Virtual size: 2.5MB