e9f4aedd8d793df9c6b51e98db56c4d19044fb99dbef5507b27f56bea3dc3107

Sharing

Copy URL

Twitter E-mail

General

Target

e9f4aedd8d793df9c6b51e98db56c4d19044fb99dbef5507b27f56bea3dc3107
Size

1010KB
MD5

105610e319be987448e3918e717afff0
SHA1

1aa852152d0dfeed75da7d14365c08c56350a852
SHA256

e9f4aedd8d793df9c6b51e98db56c4d19044fb99dbef5507b27f56bea3dc3107
SHA512

642507d13feda6d76a5c8b2dacd53dab924e10e54d034cfa583abafed438219ef1a45966fa824f0343c979ddc158f4241bf4c1d9c0ea82ade49a85ca8b88de87
SSDEEP

6144:ybddzZTJw8VFfRnJGhTIGBUMvzV2NX61gGC5CncwzTzFFGoPLygDeqOJTP3NK1NK:cpnfRnJGSUUg+6iSf7Gos20P

Score

N/A

Malware Config

Signatures

Files

e9f4aedd8d793df9c6b51e98db56c4d19044fb99dbef5507b27f56bea3dc3107
.exe windows x86

c9d610d6f0c6bf04d9b3be591e3caa40

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
??3@YAXPAX@Z
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
malloc
realloc
free
memmove
_purecall
??2@YAPAXI@Z
_adjust_fdiv

advapi32

CryptDestroyHash
CryptReleaseContext
CryptAcquireContextA
RegCreateKeyA
RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
ChangeServiceConfigA
RegFlushKey
CloseServiceHandle
RegEnumKeyExA
OpenSCManagerA
OpenServiceA
QueryServiceStatus
StartServiceA
ControlService
RegEnumValueA
RegQueryInfoKeyA
RegOpenKeyA
RegSetValueExA
CryptCreateHash
CryptHashData
CryptGetHashParam
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA

kernel32

GetComputerNameA
IsDBCSLeadByte
HeapDestroy
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
OpenEventA
GetVersionExA
LocalAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetShortPathNameA
FlushInstructionCache
GetCurrentProcess
GetCurrentThreadId
SetLastError
GetTimeFormatA
GetDateFormatA
FormatMessageA
CompareFileTime
SystemTimeToFileTime
CreateMutexA
ReleaseMutex
ResumeThread
FindClose
FindFirstFileA
TerminateThread
GetCurrentProcessId
LockResource
FindNextFileA
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
DuplicateHandle
GetStartupInfoA
GlobalFree
GlobalHandle
LocalReAlloc
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapFree
GetProcessHeap
HeapAlloc
VirtualFree
VirtualAlloc
OpenProcess
GetSystemDirectoryA
CreateProcessA
GetModuleHandleA
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
GetUserDefaultLCID
GetSystemDefaultLCID
FileTimeToSystemTime
lstrcatA
CompareStringA
GetLocalTime
SetEndOfFile
lstrlenW
SetFilePointer
ReadFile
MulDiv
GetTickCount
lstrcpynA
lstrlenA
MultiByteToWideChar
CreateThread
ResetEvent
Sleep
lstrcpyA
lstrcmpA
DeleteFileA
SetEvent
CloseHandle
WriteFile
GetLastError
WaitForSingleObject
LocalFree
GetProcAddress
FreeLibrary
InterlockedDecrement
QueryPerformanceFrequency
SetPriorityClass
GetPriorityClass
GetSystemInfo
GetStringTypeExA
SetErrorMode
GetFileAttributesA
CreateDirectoryA
RtlUnwind
GetTempPathA
GetTempFileNameA
CreateFileA
FreeResource
CreateEventA
LoadLibraryA

gdi32

GetTextExtentPointA
GetSystemPaletteUse
GetSystemPaletteEntries
PatBlt
StretchBlt
GetMapMode
SetBkColor
ExtTextOutA
CreatePalette
CreatePen
MoveToEx
LineTo
SelectPalette
RealizePalette
SetBkMode
SetTextColor
GetTextMetricsA
GetTextExtentPoint32A
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
GetObjectA
CreateRectRgnIndirect
CreateDCA
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC
GetDeviceCaps
CreateFontIndirectA
CreateSolidBrush
GetStockObject
SelectObject
DeleteObject
CreateDIBSection

user32

EqualRect
IntersectRect
GetWindow
SetWindowTextA
GetWindowTextA
RegisterClassExA
LoadCursorA
GetClassInfoExA
RegisterWindowMessageA
CallWindowProcA
DestroyWindow
IsWindow
GetKeyState
DestroyAcceleratorTable
IsChild
GetFocus
GetSysColor
ReleaseCapture
SetCapture
InvalidateRgn
EndPaint
BeginPaint
RedrawWindow
GetClassNameA
CreateWindowExA
RegisterClassA
GetMessageA
CreateAcceleratorTableA
IsWindowVisible
SetCursor
MessageBeep
LoadBitmapA
IsDialogMessageA
SetTimer
KillTimer
GetLastActivePopup
GetDoubleClickTime
CharUpperBuffA
CheckDlgButton
IsDlgButtonChecked
MoveWindow
CreateDialogParamA
DrawTextA
SetRect
GetScrollPos
GetSystemMetrics
SystemParametersInfoA
LoadImageA
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsWindowEnabled
GetDlgCtrlID
GetWindowPlacement
OffsetRect
RemoveMenu
AppendMenuA
CharLowerA
InSendMessage
ModifyMenuA
GetMenuItemID
GetMenuItemCount
FindWindowExA
DrawIconEx
GetTopWindow
DrawEdge
SetParent
CheckRadioButton
ExitWindowsEx
LoadStringW
CheckMenuItem
TrackPopupMenuEx
GetForegroundWindow
GetMenu
GetSystemMenu
SetWindowPlacement
SendMessageTimeoutA
DeleteMenu
InsertMenuItemA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetWindowTextLengthA
LoadMenuA
GetSubMenu
GetMenuItemInfoA
SetMenuItemInfoA
EnableMenuItem
InsertMenuA
MapWindowPoints
GetWindowRect
TrackPopupMenu
DestroyMenu
GetCursorPos
SetCursorPos
DestroyIcon
MessageBoxA
CharNextA
LoadAcceleratorsA
TranslateAcceleratorA
CopyAcceleratorTableA
SetFocus
wsprintfA
CharUpperA
CharToOemA
ShowWindow
LoadIconA
SetWindowRgn
SetWindowPos
GetDesktopWindow
DefWindowProcA
UnionRect
PtInRect
PostThreadMessageA
FindWindowA
GetWindowLongA
SetForegroundWindow
GetDlgItemTextA
LoadStringA
MsgWaitForMultipleObjects
TranslateMessage
DispatchMessageA
PeekMessageA
SetDlgItemTextA
GetClientRect
InvalidateRect
UpdateWindow
FrameRect
FillRect
ReleaseDC
GetParent
SetWindowLongA
PostMessageA
DialogBoxParamA
EndDialog
SendMessageA
GetDlgItem
EnableWindow
SendDlgItemMessageA
WinHelpA
AdjustWindowRectEx
GetMessagePos
GetSysColorBrush
GetClassInfoA
GetIconInfo
GetDC

winmm

mmioRead
waveOutClose
waveOutOpen
waveInClose
waveInOpen
waveOutGetDevCapsA
waveOutGetNumDevs
waveInGetDevCapsA
waveInGetNumDevs
PlaySoundA
mixerGetLineControlsA
mixerGetControlDetailsA
mixerSetControlDetails
mixerGetLineInfoA
mixerGetDevCapsA
mixerOpen
mixerGetNumDevs
mixerGetID
mmioClose
mmioAscend
mmioDescend
mmioOpenA
waveInStart
waveInPrepareHeader
waveInUnprepareHeader
waveInReset
waveInAddBuffer
waveOutUnprepareHeader
waveOutReset
waveOutPrepareHeader
waveOutWrite
mmioSeek
mixerClose

wsock32

gethostname
inet_addr
ioctlsocket
WSACleanup
WSAStartup
getsockname
gethostbyname

comctl32

ord6
ord8
CreateToolbarEx
ImageList_AddMasked
ImageList_DrawEx
ImageList_Destroy
InitCommonControlsEx
PropertySheetA
ImageList_Create
ImageList_ReplaceIcon

ole32

IsAccelerator
CoTaskMemAlloc
CoTaskMemFree
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemRealloc
CoRegisterMessageFilter
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CoCreateInstance
CoInitializeEx
CoUninitialize
CLSIDFromString
CLSIDFromProgID
OleLockRunning
StringFromCLSID
OleSaveToStream
WriteClassStm
CreateOleAdviseHolder
OleUninitialize
OleInitialize
CreateStreamOnHGlobal

oleaut32

VariantClear
RegisterTypeLi
LoadTypeLi
VariantChangeType
SysStringByteLen
LoadRegTypeLi
SysStringLen
SysFreeString
OleCreatePropertyFrame
VarUI4FromStr
SysAllocString
SysAllocStringLen

shlwapi

StrChrA
StrCmpNIA

shell32

Shell_NotifyIconA
ShellExecuteA
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetFileInfoA

crypt32

CertFreeCertificateContext
CertEnumCertificatesInStore
CertGetSubjectCertificateFromStore
CertGetIssuerCertificateFromStore
CertOpenSystemStoreA
CertNameToStrA
CertCreateCertificateContext
CertFindCertificateInStore
CertOpenStore
CertCloseStore

nmas

StartStopOldWB
CreateASObject

mst120

T120_CloseApplet
T120_CreatePluggableTransport
T120_CreateAppletSAP
T120_QueryApplet
T120_LoadApplet

netapi32

Netbios

Sections

.text
Size: 340KB - Virtual size: 337KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 662KB - Virtual size: 662KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c9d610d6f0c6bf04d9b3be591e3caa40

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

gdi32

user32

winmm

wsock32

comctl32

ole32

oleaut32

shlwapi

shell32

crypt32

nmas

mst120

netapi32

Sections

.text Size: 340KB - Virtual size: 337KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 662KB - Virtual size: 662KB

.text
Size: 340KB - Virtual size: 337KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 662KB - Virtual size: 662KB