9d4d5ed002bc975676fa42863b3a443fdaf29019ee165cf3cd9dcb8f24c8dfb8

Sharing

Copy URL Twitter E-mail

General

Target

9d4d5ed002bc975676fa42863b3a443fdaf29019ee165cf3cd9dcb8f24c8dfb8
Size

4.5MB
MD5

5155ddbf353a030c00d067ecf486e04d
SHA1

ddd80044d3b61d05c96c65f48a59a704eb88fb3c
SHA256

9d4d5ed002bc975676fa42863b3a443fdaf29019ee165cf3cd9dcb8f24c8dfb8
SHA512

236f692dcbbac09eea9e717a786252bcf9e6634465e82e7fe404954f7f7bcb7a5fdf64d35248643fb4b11545ec088746a1d5eb28572353b7a10435aa451f6368
SSDEEP

49152:QZVnlmqAMyV64X9aXk/vd2ctOA03wC+OWxy8bdXcV648mfzHVGpZyVHIy6vQcSbB:ElmqAvJldX2ViadFzHV88VHMIjie

Score

N/A

Malware Config

Signatures

Files

9d4d5ed002bc975676fa42863b3a443fdaf29019ee165cf3cd9dcb8f24c8dfb8
.exe windows x86

c3d9ea41c0d522983c63fe57ab8ac16d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

MultiByteToWideChar
HeapAlloc
HeapFree
IsBadWritePtr
CreateMutexA
Sleep
HeapReAlloc
GetCurrentProcessId
CreateFileW
WideCharToMultiByte
GetModuleHandleExW
GetLastError
GetTickCount
InterlockedCompareExchange
ExitProcess
GetModuleHandleA
GetVersionExA
VirtualAlloc
VirtualFree
GetFileAttributesA
CloseHandle
GetTempPathA
LoadLibraryA
GetProcAddress
GetProcessHeap
RemoveDirectoryA
GetCurrentThreadId
SystemTimeToFileTime
FileTimeToLocalFileTime
SetLastError
ReadFile
GetLocalTime
GetCurrentProcess
WriteConsoleW
GetConsoleCP
FlushFileBuffers
SetStdHandle
LoadLibraryW
OutputDebugStringW
LCMapStringW
LoadLibraryExW
GetModuleHandleW
TlsFree
TlsSetValue
SetEndOfFile
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
RtlUnwind
GetCommandLineA
InterlockedDecrement
AreFileApisANSI
HeapSize
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
RaiseException
GetStdHandle
WriteFile
GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
SetFilePointer
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetStringTypeW
GetModuleFileNameA
QueryPerformanceCounter

advapi32

RegQueryInfoKeyW
RegEnumKeyA
RegEnumKeyExW
RegEnumKeyW
RegOpenKeyA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegEnumValueA
RegOpenKeyExW
RegQueryValueW
RegCreateKeyExA
RegCreateKeyExW

user32

DestroyWindow
DefWindowProcW
GetClientRect
FindWindowW
CreateWindowExA
ShowWindow
SendMessageA
UpdateWindow
SetForegroundWindow
RegisterWindowMessageW
SetWindowPos
SendMessageW
EnumWindows
PostQuitMessage
RegisterClassExW
GetLastInputInfo
PeekMessageA
CreateWindowExW
TranslateMessage
GetDesktopWindow
CloseDesktop
RegisterWindowMessageA
RegisterClassExA
LoadIconA
CheckMenuItem
MsgWaitForMultipleObjects
TrackPopupMenu
SetFocus
RedrawWindow

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3d9ea41c0d522983c63fe57ab8ac16d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 3.1MB - Virtual size: 3.1MB

.data Size: 58KB - Virtual size: 69KB

.rsrc Size: 32KB - Virtual size: 32KB

.reloc Size: 23KB - Virtual size: 23KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 3.1MB - Virtual size: 3.1MB

.data
Size: 58KB - Virtual size: 69KB

.rsrc
Size: 32KB - Virtual size: 32KB

.reloc
Size: 23KB - Virtual size: 23KB