9428f8996cfd76f7d0d5db1bf56dcfa458d32ca33dd15711fbfab9090396293b

Sharing

Copy URL Twitter E-mail

General

Target

9428f8996cfd76f7d0d5db1bf56dcfa458d32ca33dd15711fbfab9090396293b
Size

318KB
MD5

400f8b5538805428122822e0a50278dc
SHA1

f8066840358c1023ccac6ed73ae30f22ba0fb5fe
SHA256

9428f8996cfd76f7d0d5db1bf56dcfa458d32ca33dd15711fbfab9090396293b
SHA512

34057fc05a7dcdc10d513b54c5e80b4e5254fb76bc09a327f210975a357f8a8b46612cb54f705a04e7192a422ecead37022a1dcd355d0ec5e56712a25935c277
SSDEEP

6144:ux6CBkLTfuh+b2yitCCJv8v+SY78UEXWIkfToope4InN3fjBnDschCdyEIL:khCTmh+ytCTvPc8rupcnRVnDHhsI

Score

N/A

Malware Config

Signatures

Files

9428f8996cfd76f7d0d5db1bf56dcfa458d32ca33dd15711fbfab9090396293b
.exe windows x86

fb40b5ae1e8d484652ab508596205fde

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

OpenClipboard
GetWindowThreadProcessId
DdeDisconnect
GetKeyState
ScreenToClient
GetWindowRect
GetDlgItemInt
GetDesktopWindow
GetWindowTextLengthA
SetWindowPos
wsprintfA
IsWindowVisible
SetDlgItemInt
EnumWindows
PeekMessageA
DialogBoxParamA
EnumWindowStationsW
SetClipboardData
ShowWindow
EmptyClipboard
GetCursorPos
GetDlgItem
SetDlgItemTextA
MessageBoxA
EndDialog
CloseClipboard

mapi32

MAPIOpenFormMgr

advapi32

CreateServiceA
RegSetValueExA
SetServiceObjectSecurity
OpenProcessToken
ChangeServiceConfigA
InitializeSecurityDescriptor
QueryServiceStatus
LookupPrivilegeValueA
SetNamedSecurityInfoA
RegCreateKeyExA
GetSecurityDescriptorDacl
OpenServiceA
SetServiceStatus
CloseServiceHandle
QueryServiceObjectSecurity
StartServiceA
RegEnumValueA
ControlService
RegOpenKeyExW
StartServiceCtrlDispatcherA
RegOpenKeyExA
RegisterEventSourceA
RegDeleteValueA
SetEntriesInAclA
RegEnumKeyExA
RegisterServiceCtrlHandlerA
RegQueryInfoKeyA
DeregisterEventSource
RegEnumKeyExW
RegCloseKey
SetSecurityDescriptorDacl
ChangeServiceConfig2A
ConvertStringSidToSidA
DeleteService
OpenSCManagerA
QueryServiceStatusEx
RegQueryValueExA
ReportEventA
AdjustTokenPrivileges

kernel32

LoadLibraryExW
MultiByteToWideChar
GetCurrentProcessId
EnterCriticalSection
FindFirstFileA
FreeEnvironmentStringsA
GetCurrentThread
GetProcessHeaps
HeapUnlock
CreateThread
InitializeCriticalSection
FreeEnvironmentStringsW
LCMapStringA
GetStringTypeA
GetSystemTimeAsFileTime
GetACP
CreateDirectoryA
GetThreadPriority
GetFullPathNameW
SetEvent
GetConsoleMode
VirtualFree
GetStringTypeW
HeapCreate
FlushFileBuffers
HeapDestroy
CreateEventA
GetConsoleOutputCP
WriteConsoleA
GetEnvironmentStringsW
InterlockedDecrement
RemoveDirectoryA
RtlUnwind
GetProcAddress
CompareStringA
FlushFileBuffers
GetProcessHeap
HeapAlloc
IsDebuggerPresent
GetCurrentThreadId
WaitForMultipleObjects
UnhandledExceptionFilter
HeapValidate
LCMapStringW
RaiseException
SetLastError
GetTimeZoneInformation
OpenProcess
TlsGetValue
GlobalUnlock
GetModuleFileNameW
VirtualQuery
lstrlenA
TlsSetValue
GetLastError
GetDriveTypeA
HeapSize
DeleteFileA
ExitThread
GetTickCount
DeleteCriticalSection
VirtualAlloc
CreateFileW
OutputDebugStringA
GetFileType
WaitForSingleObject
LocalFree
GetModuleHandleA
ExitProcess
GetFileAttributesExA
GetLocalTime
IsValidCodePage
GetEnvironmentStrings
ExitProcess
GetVersionExA
InterlockedExchange
QueryPerformanceCounter
GetLocaleInfoA
SetCurrentDirectoryA
Sleep
ReadFile
CopyFileA
GetConsoleWindow
GetFileAttributesW
ExpandEnvironmentStringsA
GetConsoleCP
InterlockedIncrement
CreateFileA
HeapFree
DebugBreak
SetConsoleTitleA
GlobalLock
GetCurrentDirectoryA
SetUnhandledExceptionFilter
LeaveCriticalSection
HeapReAlloc
WriteConsoleW
GlobalAlloc
GetExitCodeProcess
GetStartupInfoA
CreateProcessA
SetStdHandle
GetFileSize
HeapLock
WideCharToMultiByte
FindClose
GetCPInfo
GetOEMCP
SetConsoleCtrlHandler
MoveFileExA
GetNumberOfConsoleInputEvents
TlsFree
CloseHandle
LoadLibraryA
GetFileAttributesA
LoadLibraryExA
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
CompareStringW
GetCommandLineA
WriteFile
SetEnvironmentVariableA
TlsAlloc
SetFileAttributesA
CreateDirectoryW
GetCurrentProcess
ResumeThread
GetStdHandle
SetEndOfFile
FindNextFileA
SetFilePointer
GetModuleFileNameA
HeapWalk
SetHandleCount
ReadConsoleInputA
FreeLibrary
TerminateProcess

ole32

CoInitialize
CoUninitialize
CoCreateInstance
PropVariantClear

shlwapi

SHDeleteKeyA
SHStrDupA
SHDeleteKeyW

shell32

ShellExecuteA
SHGetMalloc
SHGetFolderPathA
SHGetSpecialFolderPathA

Sections

.text
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.denue
Size: 5KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb40b5ae1e8d484652ab508596205fde

Headers

File Characteristics

Imports

user32

mapi32

advapi32

kernel32

ole32

shlwapi

shell32

Sections

.text Size: 206KB - Virtual size: 205KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 100KB - Virtual size: 100KB

.denue Size: 5KB - Virtual size: 73KB

.text
Size: 206KB - Virtual size: 205KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 100KB - Virtual size: 100KB

.denue
Size: 5KB - Virtual size: 73KB