895970001ce9a4aaba019f40177ae797b0d9f93f50f8835bf847045bf4952bf4

Sharing

Copy URL

Twitter E-mail

General

Target

895970001ce9a4aaba019f40177ae797b0d9f93f50f8835bf847045bf4952bf4
Size

587KB
MD5

5c2bab542f83cb8eff0921bc92b150cf
SHA1

376f378dc228fc89639462d33be4158656ccc551
SHA256

895970001ce9a4aaba019f40177ae797b0d9f93f50f8835bf847045bf4952bf4
SHA512

d802bd31a08de608223290d430bc6eac1cea491a29f80ce81b958a53132f503bc1a680cabfe71b778c49f8bac816cb1b6d3518b16d6567acf13af4018072007a
SSDEEP

12288:K+SYSxuZ5q9YmWSUzeAiiMm8Fw3y+l1bxE1eeSRQJ+tWsJ:dhSzD72y+HxrJsi

Score

N/A

Malware Config

Signatures

Files

895970001ce9a4aaba019f40177ae797b0d9f93f50f8835bf847045bf4952bf4
.exe windows x86

9fdf4f5e8e81a30d4266710bbb8ca2a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceExW
WritePrivateProfileStructA
RaiseException
LCMapStringA
VirtualQueryEx
_llseek
FreeLibraryAndExitThread
IsBadWritePtr
_hread
DeleteFiber
GlobalFindAtomW
GetSystemInfo
GetShortPathNameW
VirtualQuery
SetTimeZoneInformation
GetProfileIntA
FlushFileBuffers
GetSystemDefaultLangID
CreateIoCompletionPort
CreateMutexW
WriteProcessMemory
SetNamedPipeHandleState
InitializeCriticalSection
EnumSystemCodePagesA
GlobalReAlloc
CreateEventA
CompareStringA
GetUserDefaultLangID
GetAtomNameA
LocalAlloc
CreateProcessA
SetConsoleOutputCP
ReadDirectoryChangesW
SetStdHandle
IsProcessorFeaturePresent
GlobalGetAtomNameW
GetModuleFileNameW
GetStartupInfoA
LeaveCriticalSection
GetCommandLineW
OpenMutexA
FindResourceExA
WritePrivateProfileSectionA
WritePrivateProfileSectionW
RemoveDirectoryA
EnumDateFormatsW
SetSystemTime
SetCommTimeouts
FreeLibrary
LocalReAlloc
SetConsoleWindowInfo
GetDriveTypeA
GetPrivateProfileStringW
GetSystemTime
ConnectNamedPipe
CreateMutexA
GetACP
LocalSize
FatalAppExitA
FreeResource
GlobalUnlock
SetHandleCount
DuplicateHandle
_lopen
GetCompressedFileSizeW
lstrcpynA
WriteFile
CreatePipe
GetProcessHeap
lstrcatW
GetFileInformationByHandle
SetMailslotInfo
GetThreadPriority
SetEvent
GetNumberFormatW
SetConsoleMode
IsBadReadPtr
ExitProcess

user32

DrawFocusRect
EnumDesktopsA
GetForegroundWindow

gdi32

SetMetaFileBitsEx
GetCurrentObject
PolyDraw
CopyMetaFileW
OffsetViewportOrgEx
CreateDCW
GetGlyphOutlineW

advapi32

GetServiceKeyNameW
SetSecurityDescriptorGroup
CryptAcquireContextA
EnumServicesStatusW
RegSaveKeyW
LockServiceDatabase
RevertToSelf
LogonUserA
NotifyChangeEventLog
CryptDestroyKey
RegQueryInfoKeyA
MakeAbsoluteSD
CryptGetHashParam
RegQueryValueExW
EnumDependentServicesA
DuplicateToken
GetSidSubAuthorityCount
BuildTrusteeWithNameW
DeregisterEventSource
OpenSCManagerA
QueryServiceConfigW
SetEntriesInAclA
RegEnumKeyExW
AllocateLocallyUniqueId
QueryServiceConfigA
CryptAcquireContextW

shell32

SHLoadInProc
FindExecutableW
Shell_NotifyIconA
FindExecutableA
ExtractIconExW

ole32

OleSetMenuDescriptor
OleBuildVersion
CoGetInterfaceAndReleaseStream
CoTreatAsClass
OleRegGetMiscStatus
WriteClassStg
CoFreeUnusedLibraries
ReadClassStg
OleCreateMenuDescriptor
OleConvertIStorageToOLESTREAM

oleaut32

LoadTypeLibEx
VariantChangeType

comctl32

CreatePropertySheetPageW
ImageList_SetIconSize

shlwapi

PathIsDirectoryA
PathRemoveFileSpecW
PathIsRelativeA
PathAppendW
UrlCombineW
StrDupW
StrRetToStrW
PathFileExistsW

Sections

.text
Size: 10KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9fdf4f5e8e81a30d4266710bbb8ca2a3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 10KB - Virtual size: 220KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 256KB - Virtual size: 255KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 10KB - Virtual size: 220KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 256KB - Virtual size: 255KB

.rsrc
Size: 10KB - Virtual size: 10KB