a9ad17e7a49d9f7911595cb9e1d125f6cd91da7b560073adc340d0c21f526dad

Sharing

Copy URL Twitter E-mail

General

Target

a9ad17e7a49d9f7911595cb9e1d125f6cd91da7b560073adc340d0c21f526dad
Size

307KB
MD5

ec4f388bf3e2e54e87feab33093e5a01
SHA1

ac1df3b89a259b9841dc2339609a642854451d36
SHA256

a9ad17e7a49d9f7911595cb9e1d125f6cd91da7b560073adc340d0c21f526dad
SHA512

f68379257ca9a30ea08030446e8798c0c9b920d6f40af66cb68dbba0b9b6618eeb90ac4c460dc1994e6311f91aa2b8082cf068bb76bdcb0733e11111723d3014
SSDEEP

6144:Jw9++bLjS10iDOEhAOlj/uuJudyHj+VABWviGvQx:CvS6iDPNptyVAmQx

Score

N/A

Malware Config

Signatures

Files

a9ad17e7a49d9f7911595cb9e1d125f6cd91da7b560073adc340d0c21f526dad
.exe windows x86

f3e899f66e75e71255e8b5a50d9ac7f3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeLibrary
lstrlenW
LeaveCriticalSection
GetProcessHeap
DeleteCriticalSection
CloseHandle
EnterCriticalSection
HeapAlloc
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
GetFileInformationByHandle
LockResource
FindResourceW
RaiseException
GetCurrentThreadId
HeapSize
CompareFileTime
IsProcessorFeaturePresent
SizeofResource
HeapFree
LoadResource
GetSystemTimeAsFileTime
FindResourceExW
HeapDestroy
SwitchToThread
HeapReAlloc
IsDebuggerPresent
CreateFileW
VirtualAlloc

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegEnumKeyExW

oleaut32

VariantInit
SysAllocStringLen
UnRegisterTypeLi
VariantClear
VarBstrCmp
VariantChangeType
SysStringLen
SysStringByteLen
SafeArrayLock
LoadRegTypeLi
VarBstrCat
SysAllocStringByteLen
SafeArrayUnlock
SafeArrayDestroy
RegisterTypeLi
SafeArrayGetUBound
SysAllocString
SafeArrayGetLBound
SysFreeString
SafeArrayGetVartype
VarBstrFromDec
SetErrorInfo

user32

CharNextW
RegisterWindowMessageW
GetDC
CharPrevA
MessageBoxIndirectW
DestroyCursor
GetMessageA
GetScrollPos
LoadImageW
wsprintfA
WaitForInputIdle
wvsprintfW
LoadIconA
LoadMenuA
PostMessageW
EnumWindows
TrackPopupMenuEx
GetMenuItemRect

ole32

IIDFromString
StringFromGUID2
CLSIDFromString
CoCreateInstance

gdi32

GetLayout

shimeng

SE_DllUnloaded
SE_ProcessDying
SE_DynamicShim
SE_InstallBeforeInit

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 269KB - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3e899f66e75e71255e8b5a50d9ac7f3

Headers

File Characteristics

Imports

kernel32

advapi32

oleaut32

user32

ole32

gdi32

shimeng

Sections

.text Size: 17KB - Virtual size: 16KB

.data Size: 269KB - Virtual size: 400KB

.rdata Size: 2KB - Virtual size: 2KB

.rsrc Size: 17KB - Virtual size: 26KB

.text
Size: 17KB - Virtual size: 16KB

.data
Size: 269KB - Virtual size: 400KB

.rdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 17KB - Virtual size: 26KB