b9b9f2edb60ab5c21008910b03de4afe5337d5291ff7a18afff372968831ee5e

Sharing

Copy URL

Twitter E-mail

General

Target

b9b9f2edb60ab5c21008910b03de4afe5337d5291ff7a18afff372968831ee5e
Size

1.0MB
MD5

bb09720fe59805b07b4298fccae0ec26
SHA1

69753eb1361c1408073658ddc88182c43dadcd1b
SHA256

b9b9f2edb60ab5c21008910b03de4afe5337d5291ff7a18afff372968831ee5e
SHA512

d48595b54d2864d2cb1ca29d23a67135af708f51f89f3441f30778b824d39dbe22387b65d8275346a8c806667701803bf82853b00ad81167b71a6c949489a72c
SSDEEP

24576:2fna/BVJIRZ+9zlmSzFpIS+1AhQwhJ+BHJyco9M/eVAyG:2fudmKzlmSzFWS+1JiJ4pyNWUtG

Score

N/A

Malware Config

Signatures

Files

b9b9f2edb60ab5c21008910b03de4afe5337d5291ff7a18afff372968831ee5e
.exe windows x86

45e32db5371a83c22f83161834883d6e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
GetSystemDirectoryA
GetWindowsDirectoryA
GetComputerNameA
TerminateProcess
OpenProcess
CreateProcessA
lstrlenA
GetVersionExA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
WriteProcessMemory
ReadProcessMemory
WaitForSingleObject
SetFileTime
DeleteFileA
MoveFileA
CopyFileA
CreateDirectoryA
RemoveDirectoryA
SetSystemPowerState
GetCurrentProcess
SizeofResource
LockResource
LoadResource
FindResourceA
EnumResourceNamesA
WideCharToMultiByte
CompareStringW
CompareStringA
SetEndOfFile
LCMapStringW
LCMapStringA
SetStdHandle
GetStringTypeW
GetStringTypeA
InterlockedIncrement
InterlockedDecrement
GlobalMemoryStatus
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
HeapSize
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
DeleteCriticalSection
FlushFileBuffers
WriteFile
RtlUnwind
UnhandledExceptionFilter
SetLastError
TlsAlloc
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSection
SetFilePointer
GetVersion
GetCommandLineA
GetStartupInfoA
GetSystemTimeAsFileTime
ExitProcess
HeapAlloc
HeapFree
LeaveCriticalSection
EnterCriticalSection
ExitThread
TlsGetValue
TlsSetValue
CreateThread
ResumeThread
GetSystemTime
GetTimeZoneInformation
GetTempFileNameA
QueryPerformanceFrequency
QueryPerformanceCounter
GetCurrentThreadId
CreateFileA
GetFileSize
ReadFile
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
SetEnvironmentVariableA
GetEnvironmentVariableA
GetShortPathNameA
SetFileAttributesA
GetFileAttributesA
GetModuleFileNameA
SetVolumeLabelA
GetVolumeInformationA
GetModuleHandleA
GetDiskFreeSpaceA
SetErrorMode
GetDriveTypeA
MultiByteToWideChar
FindNextFileA
GetLocalTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetCurrentDirectoryA
SetCurrentDirectoryA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetPrivateProfileSectionNamesA
GetPrivateProfileSectionA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetExitCodeProcess
CloseHandle
Sleep
GetFullPathNameA
GetLastError
FormatMessageA
FreeLibrary
FindClose
LoadLibraryA
GetEnvironmentStringsW
GetProcAddress

user32

CreateMenu
SetMenu
DeleteMenu
DrawMenuBar
GetMenuItemInfoA
CharNextA
LoadImageA
IntersectRect
GetSysColor
SetCursor
ChildWindowFromPoint
PtInRect
MessageBeep
GetKeyState
UnregisterHotKey
DestroyWindow
MessageBoxA
SetMenuItemInfoA
ReleaseCapture
DefDlgProcA
VkKeyScanA
InvalidateRect
LoadMenuA
CheckMenuItem
SetForegroundWindow
TrackPopupMenuEx
DestroyMenu
KillTimer
PostQuitMessage
SetTimer
RegisterWindowMessageA
DefWindowProcA
GetSysColorBrush
EndDialog
RegisterClassExA
DestroyIcon
InsertMenuItemA
CreatePopupMenu
CreateIconFromResourceEx
ExitWindowsEx
EnumThreadWindows
GetKeyboardState
SetKeyboardState
GetAsyncKeyState
keybd_event
SetCapture
GetKeyboardLayoutNameA
LoadStringA
DispatchMessageA
TranslateMessage
PeekMessageA
GetMessageA
IsDialogMessageA
DialogBoxParamA
SendMessageA
CharLowerA
CharUpperA
SetWindowTextA
GetWindowTextA
SendMessageTimeoutA
CloseClipboard
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable
SetClassLongA
SetClipboardData
EmptyClipboard
ReleaseDC
GetDC
GetWindowLongA
SetWindowLongA
FindWindowA
IsIconic
IsZoomed
GetCaretPos
GetFocus
GetMenu
GetMenuItemCount
GetMenuStringA
GetMenuItemID
GetDlgItem
SendDlgItemMessageA
LoadIconA
IsMenu
GetSubMenu
IsWindowEnabled
MapVirtualKeyA
GetParent
ScreenToClient
SetActiveWindow
SetFocus
GetDlgCtrlID
PostMessageA
MoveWindow
EnableWindow
IsWindowVisible
GetClassNameA
IsWindow
EnumWindows
EnumChildWindows
IsCharUpperA
IsCharLowerA
IsCharAlphaNumericA
IsCharAlphaA
GetForegroundWindow
ClientToScreen
RegisterHotKey
LoadCursorA
WindowFromPoint
GetWindowThreadProcessId
AttachThreadInput
GetCursor
SystemParametersInfoA
SetRect
AdjustWindowRectEx
CreateWindowExA
GetClientRect
CopyImage
SetWindowPos
ShowWindow
GetDesktopWindow
GetWindowRect
mouse_event
GetCursorPos

gdi32

GetObjectA
CreateCompatibleDC
GetTextExtentPoint32A
SetTextColor
SetBkMode
CreateSolidBrush
SetBkColor
DeleteObject
CreateDCA
GetStockObject
SelectObject
GetTextFaceA
GetDeviceCaps
DeleteDC
GetPixel
CreateFontA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegOpenKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegConnectRegistryA
RegCloseKey
RegQueryValueExA
GetUserNameA
OpenSCManagerA
LockServiceDatabase
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegEnumValueA
CloseServiceHandle
UnlockServiceDatabase
RegEnumKeyExA

shell32

ExtractIconA
DragQueryPoint
DragQueryFileA
DragFinish
Shell_NotifyIconA
SHFileOperationA
SHGetMalloc
SHGetDesktopFolder
SHBrowseForFolderA
SHGetPathFromIDListA
ExtractIconExA

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CreateStreamOnHGlobal

oleaut32

OleLoadPicture

winmm

waveOutSetVolume
timeGetTime
mciSendStringA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

wsock32

WSAStartup
inet_addr
gethostname
gethostbyname
WSACleanup
ioctlsocket

comctl32

ImageList_Create
InitCommonControlsEx
ImageList_DragMove
ImageList_EndDrag
ImageList_DragLeave
ImageList_DragEnter
ImageList_BeginDrag
ImageList_SetDragCursorImage
ImageList_Destroy
ImageList_ReplaceIcon

mpr

WNetCancelConnection2A
WNetUseConnectionA
WNetGetConnectionA

Sections

.text
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45e32db5371a83c22f83161834883d6e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

winmm

version

wsock32

comctl32

mpr

Sections

.text Size: 200KB - Virtual size: 199KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 24KB - Virtual size: 91KB

.idata Size: 9KB - Virtual size: 8KB

.rsrc Size: 12KB - Virtual size: 16KB

.text
Size: 200KB - Virtual size: 199KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 24KB - Virtual size: 91KB

.idata
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 12KB - Virtual size: 16KB