Static task: static1
Behavioral task: behavioral1
Sample: 9d15d102ca07d32597a3f4428fcb1d8da2340172e1ef6594cc6e311aa72d4436.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 9d15d102ca07d32597a3f4428fcb1d8da2340172e1ef6594cc6e311aa72d4436.exe
Resource: win10v2004-20220812-en
General
Target: 9d15d102ca07d32597a3f4428fcb1d8da2340172e1ef6594cc6e311aa72d4436
Size: 3.4MB
MD5: 1ffb609416dcadb459fea7f8378e7f86
SHA1: 80b1bc7fbf06e6eea7016a8ebed6da563b00a379
SHA256: 9d15d102ca07d32597a3f4428fcb1d8da2340172e1ef6594cc6e311aa72d4436
SHA512: 707a1e9dee8a60b80480f6d5a3fb7b3a1ec24fd6ab09d9f83e55bba73857cb49b53b23dfa71f30bd710b421d58109b0d80d0a199b8c58d17cacfdcec88fe8977
SSDEEP: 98304:IC4cYfneQTWkRrEuBVFLOAkGkzdnEVEFoKG:IhWKEgFLOyEFoKG
Malware Config
Signatures
Files
-
9d15d102ca07d32597a3f4428fcb1d8da2340172e1ef6594cc6e311aa72d4436.exe windows x64
fa454d325eff28f9b678f223679784c9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
wininet
InternetCheckConnectionA
urlmon
URLDownloadToFileA
wtsapi32
WTSEnumerateSessionsA
kernel32
GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
SetThreadPriority
ResumeThread
FormatMessageA
GlobalReAlloc
GetFileAttributesA
GetFileSize
CreateFileA
lstrcmpA
FileTimeToSystemTime
LoadLibraryExA
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
GetTickCount
GetFileTime
GetTempFileNameA
GetFullPathNameA
GlobalFlags
LocalAlloc
TlsGetValue
TlsAlloc
GlobalHandle
TlsSetValue
LocalReAlloc
TlsFree
GetCPInfo
GetOEMCP
GetModuleHandleW
SetFilePointer
GetTempPathA
GetProfileIntA
SearchPathA
LoadLibraryW
GetSystemDirectoryW
DeleteFileA
ReadFile
WriteFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
FindClose
FindFirstFileA
GetVolumeInformationA
VirtualProtect
FileTimeToLocalFileTime
GetFileSizeEx
SetErrorMode
FindResourceExA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentDirectoryA
RtlLookupFunctionEntry
RtlCaptureContext
CreateDirectoryA
ExitThread
CreateThread
GetSystemTimeAsFileTime
GetStartupInfoA
HeapAlloc
HeapFree
HeapReAlloc
RtlUnwindEx
RaiseException
RtlPcToFileHeader
VirtualAlloc
VirtualQuery
ExitProcess
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
GetACP
IsValidCodePage
SetHandleCount
GetStdHandle
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSetInformation
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
CompareStringW
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
LocalFree
lstrlenW
MulDiv
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GetCurrentProcessId
GlobalGetAtomNameA
GlobalAddAtomA
lstrlenA
GlobalFree
CopyFileA
RtlVirtualUnwind
GlobalSize
GetVersionExA
GetModuleFileNameA
GetExitCodeThread
SetFileAttributesA
MultiByteToWideChar
Sleep
TerminateThread
GetCommandLineA
SetEvent
FreeLibrary
UnmapViewOfFile
MapViewOfFile
CloseHandle
Module32Next
CreateToolhelp32Snapshot
GetSystemInfo
CreateFileMappingA
Process32Next
lstrcmpiA
Module32First
GlobalUnlock
TerminateProcess
CreateProcessA
CreateEventA
GlobalAlloc
OpenProcess
GetWindowsDirectoryA
WaitForSingleObject
GlobalLock
Process32First
GetCurrentProcess
FreeResource
lstrcpyA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetModuleHandleA
LoadLibraryA
GetProcAddress
SetLastError
GetLastError
LockResource
SizeofResource
WideCharToMultiByte
LoadResource
FindResourceA
user32
DrawEdge
DrawFrameControl
DrawFocusRect
GetSysColorBrush
DrawIconEx
SetClassLongPtrA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetWindowDC
BeginPaint
EndPaint
GetMenuDefaultItem
SetMenuDefaultItem
RegisterClipboardFormatA
DestroyAcceleratorTable
OpenClipboard
CopyImage
DestroyIcon
LoadImageA
SetClipboardData
CloseClipboard
EmptyClipboard
GetMenuItemInfoA
GetIconInfo
CharUpperBuffA
FrameRect
PostQuitMessage
ShowOwnedPopups
MapDialogRect
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
PostThreadMessageA
WaitMessage
SetCursorPos
CopyIcon
CopyAcceleratorTableA
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableA
UnregisterClassA
SubtractRect
GetDoubleClickTime
IsClipboardFormatAvailable
EnumChildWindows
GetNextDlgGroupItem
DestroyCursor
DrawIcon
IsCharLowerA
MapVirtualKeyExA
CreateMenu
GetWindowRgn
SetCapture
ValidateRect
UnionRect
IsRectEmpty
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
SetParent
SetWindowRgn
IsZoomed
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
RegisterWindowMessageA
FillRect
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
ReleaseDC
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetWindowLongPtrA
SetWindowLongPtrA
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
MessageBoxA
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
PtInRect
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
GetClassNameA
UnpackDDElParam
ReuseDDElParam
DestroyMenu
WinHelpA
SetWindowPos
SetFocus
GetWindowThreadProcessId
GetActiveWindow
IsWindowEnabled
EqualRect
GetDlgItem
SetWindowLongA
GetDlgCtrlID
GetKeyState
LoadIconA
SetCursor
PeekMessageA
GetCapture
LoadAcceleratorsA
SetActiveWindow
IsWindowVisible
IsIconic
InsertMenuItemA
GetMenuItemID
GetMenuItemCount
CreatePopupMenu
GetClassInfoA
IntersectRect
OffsetRect
CopyRect
GetMenu
GetLastActivePopup
BringWindowToTop
PostMessageA
SetMenu
GetDesktopWindow
GetWindowLongA
ShowWindow
GetWindow
IsWindow
TranslateAcceleratorA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
DrawStateA
LockWindowUpdate
GetUpdateRect
SetRect
MapVirtualKeyA
SendDlgItemMessageA
GetKeyNameTextA
GetDC
CharUpperA
NotifyWinEvent
ClientToScreen
GetMessageA
SetTimer
KillTimer
TranslateMessage
DispatchMessageA
RedrawWindow
WaitForInputIdle
ScreenToClient
GetWindowRect
IsChild
GetSubMenu
GetFocus
LoadBitmapA
GetParent
LoadMenuA
GetClientRect
SendMessageA
MessageBeep
WindowFromPoint
GetSystemMenu
DeleteMenu
IsMenu
GetAsyncKeyState
GetCursorPos
UpdateLayeredWindow
LoadCursorA
GetWindowTextA
EnableScrollBar
SetRectEmpty
InflateRect
InvalidateRect
GetSysColor
UpdateWindow
EnableWindow
ReleaseCapture
gdi32
GetTextCharsetInfo
SetDIBColorTable
GetViewportExtEx
GetDIBits
RealizePalette
StretchBlt
SetPixel
Rectangle
RoundRect
EnumFontFamiliesA
SetBkColor
GetDeviceCaps
CopyMetaFileA
BitBlt
CreateDIBSection
GetTextMetricsA
DPtoLP
SetRectRgn
GetObjectType
CreateDIBitmap
CreatePen
CreateRoundRectRgn
CreateRectRgnIndirect
PatBlt
CreateSolidBrush
GetObjectA
GetStockObject
GetTextExtentPoint32A
DeleteObject
CreateFontIndirectA
SelectPalette
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
SetPixelV
GetTextFaceA
CreateHatchBrush
CreateRectRgn
CreateEllipticRgn
CreatePolygonRgn
CombineRgn
TextOutA
RectVisible
PtVisible
GetPixel
SetTextColor
GetClipBox
GetDCOrgEx
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
EnumFontFamiliesExA
GetBkColor
GetTextColor
Polyline
Ellipse
Polygon
ExtTextOutA
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
SelectClipRgn
OffsetRgn
GetRgnBox
CreatePalette
GetPaletteEntries
ExtFloodFill
SetPaletteEntries
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetNearestPaletteIndex
GetSystemPaletteEntries
GetWindowExtEx
advapi32
RegEnumKeyExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
OpenProcessToken
CryptDeriveKey
GetTokenInformation
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegCreateKeyA
RegQueryValueExA
RegSetValueExA
CryptHashData
CryptDestroyHash
CryptDecrypt
CheckTokenMembership
FreeSid
CryptCreateHash
CryptEncrypt
AllocateAndInitializeSid
CryptAcquireContextA
CryptReleaseContext
shell32
SHGetPathFromIDListA
SHGetFileInfoA
ShellExecuteA
SHAppBarMessage
DragQueryFileA
DragFinish
ShellExecuteExA
CommandLineToArgvW
SHBrowseForFolderA
oleaut32
SysStringLen
VariantClear
SysAllocString
SysAllocStringLen
VariantInit
VariantChangeType
SysFreeString
msimg32
AlphaBlend
TransparentBlt
comctl32
ImageList_GetIconSize
InitCommonControlsEx
shlwapi
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
gdiplus
GdipFree
GdipDeleteGraphics
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdiplusShutdown
GdipGetImageGraphicsContext
GdipDrawImageI
GdipCloneImage
GdipAlloc
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
comdlg32
GetFileTitleA
ole32
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoTaskMemFree
CoCreateInstance
CreateStreamOnHGlobal
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoInitializeEx
CoUninitialize
OleLockRunning
OleGetClipboard
DoDragDrop
IsAccelerator
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 532KB - Virtual size: 532KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 30KB - Virtual size: 81KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 114KB - Virtual size: 113KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
data Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ