9ea6bea66ef05211c0aced22a30a85405c9e27561a69c5c657cfac5d9983ecb5

Sharing

Copy URL

Twitter E-mail

General

Target

9ea6bea66ef05211c0aced22a30a85405c9e27561a69c5c657cfac5d9983ecb5
Size

407KB
MD5

4ed1786f75251376f23bc0df2cd98fff
SHA1

80dc7d9f2e9130e7b63c264aedb696fa3f9802b5
SHA256

9ea6bea66ef05211c0aced22a30a85405c9e27561a69c5c657cfac5d9983ecb5
SHA512

f4eb4cddddbe2591cc007e43c1f43a4b90ef98ce3a18087b342588c98fcb6bea064e8472b5128e8ca28fb3ed01f567025168749bcd637c09db37a9a65df48f3a
SSDEEP

12288:bnuwXLAdxPjSLNSmyXZ6Y97Xrj8Sn6Gd4L/O:qwX+xus5lXsS6GGL

Score

N/A

Malware Config

Signatures

Files

9ea6bea66ef05211c0aced22a30a85405c9e27561a69c5c657cfac5d9983ecb5
.exe windows x86

7f37c5290043405ce5fce3d8958d7c5a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
LoadLibraryW
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
HeapFree
HeapQueryInformation
HeapSize
HeapReAlloc
WriteFile
SetLastError
TlsSetValue
TlsGetValue
TlsAlloc
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
ExitProcess
LoadLibraryA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
LCMapStringW
GetStringTypeW
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
CreateFileW
CloseHandle
lstrcpyA
TlsFree
EnumDateFormatsA
GetProcAddress
GetLastError
MultiByteToWideChar
lstrcatA
HeapCreate
WideCharToMultiByte
GetProcessHeap
GetCurrentProcess
HeapAlloc
LoadResource
IsBadReadPtr
HeapValidate
IsProcessorFeaturePresent
IsDebuggerPresent
FlushFileBuffers
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
DecodePointer
EncodePointer
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
FreeLibrary
GetModuleHandleW
lstrlenA

user32

SendMessageA
MoveWindow
CopyRect
SetMenuItemInfoA
CallWindowProcA
SetWindowTextA
GetSystemMetrics
DefMDIChildProcA
IsWindow
GetClassInfoA
DrawMenuBar
EndPaint
ArrangeIconicWindows
DestroyWindow
ScreenToClient
GetWindowRect
InsertMenuItemA
PostQuitMessage
FillRect
DrawTextA
GetSubMenu
LoadStringA
CreateDialogParamW
GetParent
DefFrameProcA
IsWindowEnabled
CreateMDIWindowA
GetClientRect
GetUserObjectSecurity
SetFocus
LoadBitmapA
BeginPaint
GetDC
GetMenu
GetWindowTextA
SetWindowLongA
InvalidateRect
LookupIconIdFromDirectoryEx
CreateAcceleratorTableA
CascadeWindows
GetWindowLongA
TileWindows
SetUserObjectSecurity
CreateWindowExA
ReleaseDC
GetDlgItem
EndDialog
DefWindowProcA
CreateIconFromResource
ShowWindow

gdi32

Pie
LineTo
DeleteObject
SelectObject
Rectangle
SetDCPenColor
StretchDIBits
CreatePatternBrush
CreatePen
GetStockObject
CreateSolidBrush
MoveToEx

comdlg32

GetFileTitleA
ReplaceTextA
GetOpenFileNameA

advapi32

InitializeAcl
GetAclInformation
GetSecurityDescriptorDacl
AddAce
AddAccessAllowedAce
AddAccessAllowedAceEx
GetAce
SetSecurityDescriptorDacl
InitializeSecurityDescriptor

shell32

DragAcceptFiles
SHGetPathFromIDListA
SHBrowseForFolderA
DragQueryFileA
DragFinish

ole32

CoInitialize
CoTaskMemFree

oleaut32

VariantClear
SysFreeString
SysAllocStringLen
VariantInit
VariantChangeType

ws2_32

WSAAsyncGetProtoByNumber

psapi

GetProcessMemoryInfo

winmm

mmioClose
mmioWrite
mmioOpenA
mmioCreateChunk

shlwapi

StrChrA

comctl32

InitCommonControlsEx
CreateToolbarEx

dbghelp

EnumerateLoadedModules

Sections

.text
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f37c5290043405ce5fce3d8958d7c5a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

ws2_32

psapi

winmm

shlwapi

comctl32

dbghelp

Sections

.text Size: 190KB - Virtual size: 190KB

.rdata Size: 54KB - Virtual size: 54KB

.data Size: 9KB - Virtual size: 17KB

.rsrc Size: 138KB - Virtual size: 137KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 190KB - Virtual size: 190KB

.rdata
Size: 54KB - Virtual size: 54KB

.data
Size: 9KB - Virtual size: 17KB

.rsrc
Size: 138KB - Virtual size: 137KB

.reloc
Size: 13KB - Virtual size: 13KB