9b978fda58f7d0b37b53753a67c7502a923eeaadbb0b4f81ffde4d29c3315cc1

Sharing

Copy URL Twitter E-mail

General

Target

9b978fda58f7d0b37b53753a67c7502a923eeaadbb0b4f81ffde4d29c3315cc1
Size

6.0MB
MD5

c80440811dbb2cd457c862e183528cf2
SHA1

2663bea49a4d92f94aa6e79728f92abf7d6b064c
SHA256

9b978fda58f7d0b37b53753a67c7502a923eeaadbb0b4f81ffde4d29c3315cc1
SHA512

204fd7212e6884b9846f36d0db764da785d575577ebd0e5d383cf2214341ad0d4d4c61584eca2b0e194ab416897a2967608a54cffd4c536f8a08708e8b1e87cb
SSDEEP

98304:90qiQWr3zaR8nBlRDEx6M82sqecniwDcztq45c/tUAzpDRHp0bw+uBfmI0KYgItZ:Kqib3zaR8nBlRwVyqpnAcYchlDVjJBfs

Score

N/A

Malware Config

Signatures

Files

9b978fda58f7d0b37b53753a67c7502a923eeaadbb0b4f81ffde4d29c3315cc1
.exe windows x86

f81e661a1d575c2ecbbd62fc5ddd5ed4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
LoadLibraryA
CreateMutexA
CloseHandle
GetCurrentProcess
GetLastError
GetProcAddress
InterlockedCompareExchange
HeapAlloc
DisableThreadLibraryCalls
GetModuleHandleA
GetVersionExA
ExitThread
GetModuleHandleExW
VirtualProtect
EnterCriticalSection
GetProcessHeap
FileTimeToSystemTime
SetLastError
GetLocalTime
LocalFileTimeToFileTime
GetTickCount
IsBadWritePtr
WaitForSingleObject
Sleep
VirtualFree
GetCurrentProcessId
GetCurrentThreadId
VirtualAlloc
FlushFileBuffers
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
HeapReAlloc
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
LeaveCriticalSection
GetModuleHandleW
TlsFree
CreateFileW
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
RtlUnwind
GetCommandLineA
InterlockedDecrement
ExitProcess
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
HeapSize
RaiseException
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
WideCharToMultiByte
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter

advapi32

RegCreateKeyW
RegQueryInfoKeyA
RegCloseKey
RegQueryValueExW
RegEnumValueW
RegCreateKeyA
RegCreateKeyExW
RegEnumValueA
RegQueryValueA
RegEnumKeyExA
RegOpenKeyW
RegOpenKeyExA

user32

TranslateMessage
FindWindowW
EnumWindows
RegisterClassExW
CreatePopupMenu
MsgWaitForMultipleObjects
AppendMenuW
GetWindowRect
GetMessageW
GetDlgItem
LoadIconW
SendMessageA
TrackPopupMenu
SetForegroundWindow
MessageBoxW
PostQuitMessage
AppendMenuA
UpdateWindow
MessageBoxA
SendMessageW
RegisterClassExA
RedrawWindow
CreateWindowExW
SetWindowPos
LoadIconA
RegisterWindowMessageA
RegisterWindowMessageW
ShowWindow
PeekMessageW

Sections

.text
Size: 468KB - Virtual size: 467KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 435KB - Virtual size: 435KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5.1MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f81e661a1d575c2ecbbd62fc5ddd5ed4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 468KB - Virtual size: 467KB

.rdata Size: 435KB - Virtual size: 435KB

.data Size: 5.1MB - Virtual size: 5.1MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 29KB - Virtual size: 29KB

.text
Size: 468KB - Virtual size: 467KB

.rdata
Size: 435KB - Virtual size: 435KB

.data
Size: 5.1MB - Virtual size: 5.1MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 29KB - Virtual size: 29KB