9e6a1628222295e94b1d15bbfebc0a22d7cf11d78a5785282283215eab062146

Sharing

Copy URL

Twitter E-mail

General

Target

9e6a1628222295e94b1d15bbfebc0a22d7cf11d78a5785282283215eab062146
Size

77KB
MD5

459a1b62476b2b8c246cbebe23ed6035
SHA1

949ace5987007bb1378e2ef7156920269a609943
SHA256

9e6a1628222295e94b1d15bbfebc0a22d7cf11d78a5785282283215eab062146
SHA512

d7ce41e8ad102917844796cf82bf7da03cbc182aacb39373fe1ba47a63f31993e7e9f5ef2d6a4ee74dd62c0cae43a6e0146866bd4839d4ff638b7a8b0d05b7c4
SSDEEP

1536:ZtHF5geAD7efNm9hQH5kCu6W1STnTpGY1hpJ1xzhP9h/nd4:ZxUD7efkNrQTtDphzhPzd4

Score

N/A

Malware Config

Signatures

Files

9e6a1628222295e94b1d15bbfebc0a22d7cf11d78a5785282283215eab062146
.exe windows x86

65fc815ae93ef483dcfd594215774fc4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
WriteConsoleW
SetStdHandle
HeapSize
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
LoadLibraryW
RaiseException
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
GetStringTypeW
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
GetPrivateProfileStringA
TlsGetValue
TlsAlloc
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
WaitForMultipleObjects
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapReAlloc
FlushFileBuffers
LocalFree
CloseHandle
LocalSize
QueryPerformanceCounter
GetModuleFileNameA
GetLastError
MultiByteToWideChar
CreateFileW
Sleep
GlobalAlloc
FormatMessageA
GetProcessHeap
GlobalLock
HeapFree
GetCurrentProcess
HeapAlloc
lstrlenA
EncodePointer
HeapCreate
GetModuleFileNameW
GetStdHandle
WriteFile
DecodePointer
GetModuleHandleW
GetProcAddress
IsProcessorFeaturePresent
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GlobalHandle
LocalAlloc
SetHandleCount
GetLocalTime
TlsSetValue
ExitProcess

user32

SetMenuDefaultItem
ScrollWindowEx
CreateWindowExW
IsWindow
AppendMenuA
DrawMenuBar
SetWindowTextA
SendMessageW
SetDlgItemTextA
ModifyMenuA
GetWindow
MoveWindow
OpenClipboard
FrameRect
SetWindowPlacement
CloseClipboard
GetWindowRect
InsertMenuItemA
SendDlgItemMessageA
GetWindowDC
FillRect
GetMenuItemID
GetParent
wsprintfA
CopyAcceleratorTableA
GetClientRect
CreateMenu
GetWindowTextLengthA
SendMessageA
wsprintfW
InflateRect
GetWindowPlacement
OffsetRect
GetWindowTextA
SetWindowLongA
GetScrollInfo
MessageBoxA
InvalidateRect
GetClipboardData
ReleaseDC
GetDlgItem
EndDialog
GetDesktopWindow
CheckDlgButton
ShowWindow
SetMenu
CreatePopupMenu
GetSysColorBrush

gdi32

GetDIBits
SetDCBrushColor
SelectObject
CreateCompatibleDC
SetMapMode
SaveDC
SetStretchBltMode
GetObjectA
RestoreDC
TextOutA
GetDeviceCaps

advapi32

CryptImportKey
RegCloseKey
RegOpenKeyA
CryptDestroyKey
CryptEncrypt
OpenProcessToken
CryptAcquireContextA
CryptReleaseContext
RegQueryValueExA
GetTokenInformation
CryptSetKeyParam

ole32

CLSIDFromString

oleaut32

SysAllocString
SysFreeString
SafeArrayPtrOfIndex
SafeArrayUnlock
SysAllocStringLen
SafeArrayGetRecordInfo
SafeArrayLock

ws2_32

WSAIoctl
WSAGetLastError
setsockopt

crypt32

CertFreeCertificateContext
CertCreateCertificateContext
CryptImportPublicKeyInfo

shlwapi

PathFileExistsW
PathIsRelativeW
StrRChrA

comctl32

GetMUILanguage

wintrust

CryptCATCatalogInfoFromContext
CryptCATAdminReleaseContext
CryptCATAdminEnumCatalogFromHash
WinVerifyTrust
CryptCATAdminReleaseCatalogContext
CryptCATAdminCalcHashFromFileHandle
CryptCATAdminAcquireContext

uxtheme

IsAppThemed

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65fc815ae93ef483dcfd594215774fc4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

ws2_32

crypt32

shlwapi

comctl32

wintrust

uxtheme

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 6KB - Virtual size: 5KB