9d4746821e278d1f1614db283c351f3850a0bb64e58d19f3599e665ba5bf6622

Sharing

Copy URL Twitter E-mail

General

Target

9d4746821e278d1f1614db283c351f3850a0bb64e58d19f3599e665ba5bf6622
Size

301KB
MD5

156807eb326c2cbaee09594da3c6fdf2
SHA1

d7c7b24196dd770ac631e984755615f33cbe3391
SHA256

9d4746821e278d1f1614db283c351f3850a0bb64e58d19f3599e665ba5bf6622
SHA512

0e89bcd19f7ce5eae62686f1619a8b86609105c21155e5c4ae49e0597c485df784c4318d1b9dbf547431fc87375b7abfe453cc16e35ff88b0196cb53e756d932
SSDEEP

6144:kVkFXR4tPeavnuLIa7XjQPxWFnc1klZU583YIhJ:WkFh4tmAuLI0i0Fc1kGRI

Score

N/A

Malware Config

Signatures

Files

9d4746821e278d1f1614db283c351f3850a0bb64e58d19f3599e665ba5bf6622
.exe windows x86

117a9044483eec34a29853da6be3cebb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

iphlpapi

GetAdaptersInfo

shell32

SHGetFolderPathW
ShellExecuteExW

user32

MessageBoxA
SetWindowLongW

advapi32

RegCreateKeyExW
OpenSCManagerW
RegOpenKeyExW
RegCloseKey
DeleteService
QueryServiceStatus
StartServiceW
RegQueryValueExW
RegEnumValueW
CreateServiceW
SetServiceStatus
ChangeServiceConfig2W
RegisterServiceCtrlHandlerW
ReportEventW
ChangeServiceConfigW
DeregisterEventSource
RegDeleteKeyW
CloseServiceHandle
ControlService
RegDeleteValueW
RegEnumKeyExW
QueryServiceConfigW
RegisterEventSourceW
StartServiceCtrlDispatcherW
OpenServiceW
RegSetValueExW
RegQueryInfoKeyW

kernel32

TlsGetValue
GetLogicalDriveStringsW
CopyFileW
HeapReAlloc
HeapFree
MoveFileExW
GetModuleHandleA
GetProcessHeap
ExpandEnvironmentStringsW
LeaveCriticalSection
GetCommandLineW
GetTempFileNameW
SetEnvironmentVariableA
IsDebuggerPresent
IsValidLocale
HeapAlloc
GetTempPathW
SetEnvironmentVariableW
GetFileType
GetTempPathA
SetFileAttributesW
GetACP
ResetEvent
SetEndOfFile
TlsSetValue
MoveFileW
VirtualAlloc
SetFilePointer
HeapSize
GetCurrentDirectoryW
LocalAlloc
GetStdHandle
VirtualFree
TlsFree
LCMapStringA
CompareStringA
RtlUnwind
EnterCriticalSection
CreateDirectoryW
LocalFree
ReadFile
RaiseException
FlushFileBuffers
OpenProcess
WaitForMultipleObjects
IsValidCodePage
CreateFileA
GetComputerNameW
LCMapStringW
FindClose
GetSystemInfo
CreateFileW
DeleteFileW
SetLastError
GetCurrentThreadId
SetThreadPriority
EnumSystemLocalesA
CreatePipe
FindNextFileW
CreateThread
GetExitCodeThread
FreeLibrary
CreateMutexW
WriteConsoleW
DeleteCriticalSection
GetSystemTimeAsFileTime
GetFileAttributesExW
WideCharToMultiByte
FindFirstFileW
TlsAlloc
ExitThread
WriteConsoleA
GetConsoleCP
GetUserDefaultLCID
ReleaseMutex
GetModuleHandleW
SetConsoleCtrlHandler
GetOEMCP
CreateEventW
GetProcessTimes
GetTimeZoneInformation
UnhandledExceptionFilter
TryEnterCriticalSection
SetStdHandle
FreeEnvironmentStringsW
SetFileTime
CompareStringW
WriteFile
RemoveDirectoryW
CreateProcessW
InitializeCriticalSectionAndSpinCount
CloseHandle
SetHandleCount
DuplicateHandle
GetConsoleOutputCP
SetUnhandledExceptionFilter
GetConsoleMode
WaitForSingleObject
GetLocalTime
VirtualAllocEx

comctl32

CreateStatusWindow
ImageList_GetFlags
ImageList_Add
ImageList_Merge
ImageList_LoadImageW
ImageList_SetBkColor
DrawStatusText
FlatSB_EnableScrollBar

syssetup

SetupChangeFontSize

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 28KB - Virtual size: 628KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 182KB - Virtual size: 948KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

117a9044483eec34a29853da6be3cebb

Headers

File Characteristics

Imports

version

iphlpapi

shell32

user32

advapi32

kernel32

comctl32

syssetup

Sections

.text Size: 17KB - Virtual size: 17KB

.bss Size: 28KB - Virtual size: 628KB

.reloc Size: 182KB - Virtual size: 948KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 58KB - Virtual size: 255KB

.rsrc Size: 10KB - Virtual size: 16KB

.text
Size: 17KB - Virtual size: 17KB

.bss
Size: 28KB - Virtual size: 628KB

.reloc
Size: 182KB - Virtual size: 948KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 58KB - Virtual size: 255KB

.rsrc
Size: 10KB - Virtual size: 16KB