Static task: static1
Behavioral task: behavioral1
  Sample: 9cce5d3691c05090bda8527843629d94114df44af21d37e627220952cad9f9a8.exe
  Resource: win7-20220901-en
Behavioral task: behavioral2
  Sample: 9cce5d3691c05090bda8527843629d94114df44af21d37e627220952cad9f9a8.exe
  Resource: win10v2004-20220812-en
General
Target: 9cce5d3691c05090bda8527843629d94114df44af21d37e627220952cad9f9a8
Size: 400KB
MD5: 5782d50fd6a94090de083201254c8c3f
SHA1: d55f9841a0b4bd460631c32cf7ca56466c641fc4
SHA256: 9cce5d3691c05090bda8527843629d94114df44af21d37e627220952cad9f9a8
SHA512: e69172b9501ea790bd7e6b29f250946516f5b0ff8eab65fbc6c23e5d1030716dde98f00e99abee1e4c662d93c390e8c7a63d10aba15384a98a641edb3de30d81
SSDEEP: 12288:OslIlfQFlpHP8KaH3jmntZxVxZ56XBhd:xfpHPkHKt+XBL
Malware Config
Signatures
Files
9cce5d3691c05090bda8527843629d94114df44af21d37e627220952cad9f9a8.exe, windows x86, 9a277767a64a00d3392f29151785c143
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
shlwapi
SHDeleteValueA
SHSetValueA
SHGetValueA
kernel32
GetTickCount
GetOEMCP
RtlUnwind
Sleep
GetStartupInfoA
GetCommandLineA
FileTimeToLocalFileTime
GetCPInfo
HeapAlloc
RaiseException
HeapReAlloc
ExitProcess
GetACP
GetTimeZoneInformation
SizeofResource
IsValidLocale
TerminateProcess
HeapFree
HeapSize
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
EnterCriticalSection
TlsSetValue
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
FileTimeToSystemTime
LCMapStringW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DuplicateHandle
SetErrorMode
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
TlsGetValue
LocalReAlloc
EnumSystemLocalesA
GlobalReAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThreadId
LoadLibraryExA
GetModuleHandleA
GetCurrentDirectoryA
GetUserDefaultLangID
GetCurrentThread
GetSystemDirectoryA
lstrcpyA
lstrcatA
GetVersion
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
CloseHandle
GetCurrentProcess
GetDriveTypeA
CreateMutexA
GetVersionExA
GetLastError
GetModuleFileNameA
LeaveCriticalSection
TlsFree
GlobalHandle
InitializeCriticalSection
GetFileType
DeleteCriticalSection
GetProfileStringA
InterlockedExchange
TlsAlloc
LoadLibraryA
LocalAlloc
MulDiv
GlobalAddAtomA
FreeLibrary
GlobalGetAtomNameA
GlobalUnlock
GlobalFindAtomA
GetProcAddress
FindResourceA
SetLastError
GlobalFree
LoadResource
LockResource
CreateFileA
FindFirstFileA
GetFileTime
FindClose
lstrcpynA
FormatMessageA
GetFileSize
GetFileAttributesA
WideCharToMultiByte
LocalFree
MultiByteToWideChar
InterlockedIncrement
lstrlenA
InterlockedDecrement
GlobalLock
GetEnvironmentVariableA
GlobalAlloc
HeapDestroy
IsValidCodePage
GetLocaleInfoA
LCMapStringA
user32
InvalidateRect
InflateRect
RegisterClipboardFormatA
PostThreadMessageA
PtInRect
GetClassNameA
GetDesktopWindow
LoadCursorA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
DestroyMenu
MessageBeep
SetWindowTextA
IsDialogMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
AdjustWindowRectEx
ScreenToClient
CopyRect
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
ShowWindow
MoveWindow
GetMenuItemID
GetNextDlgGroupItem
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
LoadStringA
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
GetMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
SetRect
CopyAcceleratorTableA
CharNextA
CharUpperA
GetSysColorBrush
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SetCursor
PostMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
EnableWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SendMessageA
LoadIconA
GetFocus
MessageBoxA
ExitWindowsEx
GetWindowTextLengthA
GetMenuItemCount
GetSubMenu
SetFocus
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
gdi32
SetTextColor
GetClipBox
BitBlt
CreateCompatibleDC
SetBkColor
CreateDIBitmap
DeleteObject
GetViewportExtEx
GetWindowExtEx
GetDeviceCaps
CreateSolidBrush
GetTextExtentPointA
PtVisible
TextOutA
ExtTextOutA
RectVisible
GetTextColor
GetBkColor
Escape
LPtoDP
DPtoLP
GetMapMode
PatBlt
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
CreateBitmap
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
OpenThreadToken
FreeSid
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
EqualSid
AllocateAndInitializeSid
GetTokenInformation
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
comctl32
ord17
oledlg
ord8
ole32
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoTaskMemFree
OleIsCurrentClipboard
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
CoTaskMemAlloc
CreateILockBytesOnHGlobal
olepro32
ord253
oleaut32
SysFreeString
SysStringLen
SysAllocStringByteLen
VariantChangeType
SysAllocString
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
Sections
.text  Size: 160KB - Virtual size: 159KB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 40KB - Virtual size: 38KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data  Size: 20KB - Virtual size: 36KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc  Size: 12KB - Virtual size: 11KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
PACK   Size: 164KB - Virtual size: 420KB
  IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE