9220130e12edbcf0abdb1147d06b444c5ae60a7081409ba2d686ea908d726b62

Sharing

Copy URL Twitter E-mail

General

Target

9220130e12edbcf0abdb1147d06b444c5ae60a7081409ba2d686ea908d726b62
Size

5.8MB
MD5

f25d49e1703955d680908973600abff0
SHA1

844cc52ab644b02b76c5f90aa4b562cba8bd45c0
SHA256

9220130e12edbcf0abdb1147d06b444c5ae60a7081409ba2d686ea908d726b62
SHA512

491f56c2221c12f93ea9a5019e659d4840c814524cf719179b439aacd0e5ca016b7b44435d75a45edfb884a00f12bd35ecaece70a7ef1a4dc98f4ed3444b73ac
SSDEEP

98304:D/g9GS1Hcu4ecfJXkHwbLKcqaqMb9SZDlVDLnjTIzaZ+xZKZT6vYZV5IeeUOyL+N:DkCfJXrSVaqMb9qDbLnfyCZuvwVCV

Score

N/A

Malware Config

Signatures

Files

9220130e12edbcf0abdb1147d06b444c5ae60a7081409ba2d686ea908d726b62
.exe windows x86

790932a5a9f0c3e9575db84bd745b762

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
ExitThread
HeapReAlloc
Sleep
GetCurrentThread
CreateMutexA
GetLocalTime
GetTickCount
SystemTimeToFileTime
SetLastError
WaitForSingleObjectEx
GetProcAddress
InterlockedCompareExchange
GetModuleHandleA
GetVersionExA
GetModuleHandleExW
VirtualProtect
ReadFile
DisableThreadLibraryCalls
EnterCriticalSection
LoadLibraryA
HeapFree
GetCurrentProcess
DeleteCriticalSection
CreateFileA
HeapAlloc
GetProcessHeap
DuplicateHandle
LeaveCriticalSection
GetCurrentThreadId
VirtualFree
GetLastError
VirtualAlloc
FlushFileBuffers
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
GetModuleHandleW
TlsFree
CreateFileW
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
IsProcessorFeaturePresent
RtlUnwind
GetCommandLineA
InterlockedDecrement
ExitProcess
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
HeapSize
RaiseException
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
WideCharToMultiByte
GetFileType
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter

advapi32

RegEnumKeyW
RegQueryInfoKeyA
RegOpenKeyA
RegQueryValueExA
RegCreateKeyA
RegQueryValueA
RegEnumKeyA
RegEnumKeyExW
RegOpenKeyExA
RegQueryValueExW
RegEnumValueA

user32

MsgWaitForMultipleObjects
SetForegroundWindow
MessageBoxA
EnumWindows
LoadIconW
DispatchMessageA
GetWindowTextA
RegisterWindowMessageW
UpdateWindow
GetClientRect
GetDlgItem
GetWindowTextW
RegisterClassExW
GetDesktopWindow
GetWindowRect
DestroyWindow
GetSystemMetrics
CreateWindowExW
FindWindowA
RegisterClassExA
CreateWindowExA
TrackPopupMenu
AppendMenuW
LoadIconA
GetMessageA
DefWindowProcW
GetMessageW
CloseDesktop
PostMessageA

Sections

.text
Size: 465KB - Virtual size: 465KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 426KB - Virtual size: 426KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

790932a5a9f0c3e9575db84bd745b762

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 465KB - Virtual size: 465KB

.rdata Size: 426KB - Virtual size: 426KB

.data Size: 4.9MB - Virtual size: 4.9MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 28KB - Virtual size: 28KB

.text
Size: 465KB - Virtual size: 465KB

.rdata
Size: 426KB - Virtual size: 426KB

.data
Size: 4.9MB - Virtual size: 4.9MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 28KB - Virtual size: 28KB