2c9b6f0af140b538b678a1c314fafbf326a311c2afece35189813e319dacc882

Sharing

Copy URL

Twitter E-mail

General

Target

2c9b6f0af140b538b678a1c314fafbf326a311c2afece35189813e319dacc882
Size

785KB
MD5

31bd5197e16de36f5d77b7305df45fd6
SHA1

cc696697f29606fd436b39ff7749ae8be1d7e58b
SHA256

2c9b6f0af140b538b678a1c314fafbf326a311c2afece35189813e319dacc882
SHA512

0f277784123c9f0d11bce4564f5d12e4da8a3a4a9a92652a7d09686716d8c497c74e3fa4eae4cf1a2ebf34bfc2b0e0ac32e3ba2fd558cc82ad1f05476daf0368
SSDEEP

12288:BNJBSwiDrboL/W3Qz+rzdOZsSLJcsZK33PzZF3Q+A:BNS/8nqXdoPVxQPru

Score

N/A

Malware Config

Signatures

Files

2c9b6f0af140b538b678a1c314fafbf326a311c2afece35189813e319dacc882
.exe windows x86

7feb5595e868db6f5dbb973cffd606c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameA
AddAtomA
GetMailslotInfo
GetConsoleAliasesW
GetFileType
SetProcessAffinityMask
PostQueuedCompletionStatus
AllocConsole
GetTimeFormatA
AllocateUserPhysicalPages
OpenSemaphoreW
EnumCalendarInfoExW
GetACP
GetConsoleScreenBufferInfo
CreateHardLinkW
GetStringTypeExA
FlushInstructionCache
AddAtomW
GetProcessIoCounters
GetPrivateProfileIntW
CreateMutexW
SetEnvironmentVariableA
CreateNamedPipeA
CreateMailslotW
OpenFileMappingW
FindAtomW
GetProcAddress
SetTapePosition
GetConsoleAliasExesLengthA
CreateDirectoryA
GetModuleHandleA
FindResourceExW
GetVolumeInformationA
Toolhelp32ReadProcessMemory
GetWindowsDirectoryW
ReplaceFileA
MapViewOfFileEx
ReplaceFileW
CreateFileMappingW
ProcessIdToSessionId
GetCurrentDirectoryA
GetConsoleAliasExesLengthW
IsValidCodePage
Module32Next
GetConsoleAliasA
CreateTapePartition
GetSystemWindowsDirectoryA
GetFileAttributesExA
CreateEventW
PrepareTape
SetConsoleCtrlHandler
SetSystemTimeAdjustment
GetDevicePowerState
GetAtomNameA
ChangeTimerQueueTimer
LCMapStringA
SetWaitableTimer
GetProcessAffinityMask
GetCurrentProcess
CancelIo
GetCPInfo
VirtualAlloc
CreateFileMappingA
GetThreadPriority
SetThreadAffinityMask
GetCPInfoExW
DeleteVolumeMountPointA
FlushViewOfFile
DefineDosDeviceW
DuplicateHandle
GetNumberFormatW
GetThreadContext
SetCalendarInfoA
GetStdHandle
GetPrivateProfileSectionW
OpenEventW
GetSystemDefaultLCID
FormatMessageA
WideCharToMultiByte
FindVolumeClose
GetShortPathNameW

user32

AdjustWindowRectEx
AdjustWindowRect
AllowSetForegroundWindow
AnyPopup
IsCharAlphaA
ActivateKeyboardLayout

comctl32

CreatePropertySheetPageA
ord6

advapi32

AccessCheckAndAuditAlarmA
AccessCheck
AccessCheckByType
AbortSystemShutdownA

shell32

DragFinish
DragAcceptFiles
DoEnvironmentSubstW
DragQueryFileA

oleaut32

BSTR_UserFree
BSTR_UserMarshal
BstrFromVector
ClearCustData

Sections

.text
Size: 739KB - Virtual size: 738KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 359KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7feb5595e868db6f5dbb973cffd606c5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

shell32

oleaut32

Sections

.text Size: 739KB - Virtual size: 738KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 359KB

.rsrc Size: 41KB - Virtual size: 41KB

.text
Size: 739KB - Virtual size: 738KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 359KB

.rsrc
Size: 41KB - Virtual size: 41KB