9dcf6bd54acb2c6242a606f743df37ffd1e7844a7ad934786d51137b04ec579d

Sharing

Copy URL

Twitter E-mail

General

Target

9dcf6bd54acb2c6242a606f743df37ffd1e7844a7ad934786d51137b04ec579d
Size

2.5MB
MD5

3a2373b8468068848e7bb0d7307ec1d1
SHA1

8c63d1fef20bcdcbe80e665762be0c27ab70187a
SHA256

9dcf6bd54acb2c6242a606f743df37ffd1e7844a7ad934786d51137b04ec579d
SHA512

72cb0705e4d267faf22a701ed34415b33be04bba15303a76e5769f215a683c8045522a3a090672ba5ebfd5ea31a1df1929e2c007622328f52dfca71d542c4344
SSDEEP

49152:ZyWIMW8XE+rH1deS6gF36AEuosG3NyE5Q5gZPWxTJj1GRTDK2:kZl8XE0H1IS6g56AEuo1UEa5gJW3juK

Score

N/A

Malware Config

Signatures

Files

9dcf6bd54acb2c6242a606f743df37ffd1e7844a7ad934786d51137b04ec579d
.exe windows x86

e899c81683b5548f1fc3249b74153dec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetTimeZoneInformation
HeapCreate
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
GetLocaleInfoW
GetModuleFileNameW
GetStdHandle
ExitProcess
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
SetLastError
CreateFileW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCPInfo
LCMapStringW
WideCharToMultiByte
GetStartupInfoW
HeapSetInformation
GetDateFormatA
GetTimeFormatA
GetSystemTimeAsFileTime
CreateThread
ExitThread
RaiseException
RtlUnwind
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
CompareStringW
lstrcmpiA
lstrcatA
GlobalFree
MulDiv
lstrcpynA
GetVersionExA
SetErrorMode
SetUnhandledExceptionFilter
GetCommandLineA
TerminateThread
FlushFileBuffers
ReleaseMutex
WaitForSingleObject
OpenMutexA
CreateMutexA
CloseHandle
GetCurrentProcessId
GetCurrentThreadId
GetCurrentThread
VirtualQuery
GetModuleFileNameA
GetLastError
MultiByteToWideChar
GetPrivateProfileSectionA
GetLocalTime
GetCurrentProcess
LocalAlloc
Sleep
lstrlenA
OutputDebugStringA
GlobalAlloc
GlobalLock
GlobalUnlock
SetFilePointer
WriteFile
CreateDirectoryA
GetProcAddress
ResumeThread
HeapAlloc
HeapDestroy
DecodePointer
EncodePointer
InterlockedDecrement
InterlockedIncrement
SetStdHandle
LoadLibraryW
WriteConsoleW
GetModuleHandleA
SetEndOfFile
SuspendThread
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
InitializeCriticalSection
LoadLibraryA
FreeLibrary
GetTickCount
GetCurrentDirectoryA
ReadFile
lstrcpyA
DeviceIoControl
CreateFileA
GetFileSize
GetModuleHandleW
SetEnvironmentVariableA

user32

GetWindowTextA
SendMessageA
UpdateWindow
wsprintfA
MessageBoxA
SetWindowPos
SystemParametersInfoA
PtInRect
SetWindowTextA
ShowWindow
GetKeyState
CreateWindowExA
SetTimer
PostQuitMessage
SetFocus
MoveWindow
KillTimer
DestroyWindow
SetClipboardData
CloseClipboard
SetRect
EnumDisplaySettingsA
LoadIconA
RegisterClassExA
DefWindowProcA
LoadImageA
DrawTextA
GetClientRect
ClientToScreen
LoadCursorA
SetCursor
GetMenu
EmptyClipboard
FrameRect
FillRect
AdjustWindowRectEx
ChangeDisplaySettingsA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyboardState
GetSystemMetrics
GetWindowRect
GetWindowLongA
SetWindowLongA
BeginPaint
InvalidateRect
EndPaint
CallWindowProcA
GetActiveWindow
IsIconic
GetCursorPos
ScreenToClient
OpenClipboard

gdi32

GetDIBColorTable
GetObjectA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetDIBits
DeleteDC
GetTextExtentPoint32A
SetTextAlign
ExtTextOutA
GetDeviceCaps
CreatePen
MoveToEx
LineTo
Ellipse
RoundRect
SetBkMode
SelectObject
TextOutA
CreateFontA
SetBkColor
SetTextColor
UnrealizeObject
SetBrushOrgEx
DeleteObject
CreateSolidBrush

advapi32

CloseServiceHandle
AddAccessDeniedAce
InitializeAcl
GetTokenInformation
OpenProcessToken
AllocateAndInitializeSid
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
SetSecurityInfo
DeleteService
ControlService
OpenServiceA
OpenSCManagerA
FreeSid
AddAccessAllowedAce

shell32

ShellExecuteA

ole32

CoUninitialize
CoInitialize
CoCreateInstance

ws2_32

recv
closesocket
WSACleanup
send
WSAStartup
inet_addr
connect
WSAAsyncSelect
htons
gethostbyname
WSAIoctl
setsockopt
getsockopt
WSAGetLastError
socket
ioctlsocket

avifil32

AVIStreamInfoA
AVIStreamRead
AVIFileInit
AVIFileOpenA
AVIFileGetStream
AVIStreamReadFormat
AVIFileRelease
AVIStreamRelease
AVIFileExit
AVIStreamLength

msvfw32

ICSendMessage
ICClose
ICLocate
ICDecompress

comctl32

InitCommonControlsEx

ddraw

DirectDrawCreateEx
DirectDrawEnumerateExA

winmm

timeGetTime

dsound

ord1

netapi32

Netbios

imm32

ImmReleaseContext
ImmSetConversionStatus
ImmGetContext
ImmGetCompositionStringA

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 237KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 727KB - Virtual size: 4.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e899c81683b5548f1fc3249b74153dec

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

ws2_32

avifil32

msvfw32

comctl32

ddraw

winmm

dsound

netapi32

imm32

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 237KB - Virtual size: 236KB

.data Size: 727KB - Virtual size: 4.8MB

.tls Size: 9KB - Virtual size: 9KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 237KB - Virtual size: 236KB

.data
Size: 727KB - Virtual size: 4.8MB

.tls
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 2KB - Virtual size: 2KB