a9f0c9ec64e1f659a448d1feb0de43a3f9a676f318bd001bcb204eccb28a3ea0

Sharing

Copy URL Twitter E-mail

General

Target

a9f0c9ec64e1f659a448d1feb0de43a3f9a676f318bd001bcb204eccb28a3ea0
Size

313KB
MD5

3bba03f075abeda3c869e630b7da6087
SHA1

75a8fc8324951e2e1615ec5f54364de7ff5b531c
SHA256

a9f0c9ec64e1f659a448d1feb0de43a3f9a676f318bd001bcb204eccb28a3ea0
SHA512

0673e35b656ec282d86f4441ac3f8be7906ef1871bf878dc241822f5a0b201d50b8d1fcc5ccffa36eb4e4efefc906b826f7efd491842a84256cc0a7b8811245f
SSDEEP

6144:LxOLascfym1Zzj1OwVprQfKFYq9I8bOSmwqJ4yo8nClfA94y:LxWas+y8zj1Ow7rQf+9xs7oA0fA94

Score

N/A

Malware Config

Signatures

Files

a9f0c9ec64e1f659a448d1feb0de43a3f9a676f318bd001bcb204eccb28a3ea0
.exe windows x86

ee62e323b06e5c1498e0759e98c18d47

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

GetErrorInfo
SafeArrayGetUBound
SetErrorInfo
VarBstrCat
SysFreeString
SysAllocString
SafeArrayCreate
VariantClear
SafeArrayUnlock
SafeArrayDestroy
SystemTimeToVariantTime
SysStringByteLen
SysStringLen
SysAllocStringLen
SafeArrayLock
SysAllocStringByteLen
VariantInit
SafeArrayGetLBound
VariantTimeToSystemTime
LoadRegTypeLib
VarCyFromDec
VarUI2FromStr
VarDecMul
VarCyFromR4
VarCyFromI8
VarUI4FromI2
CreateDispTypeInfo
VarR4FromCy
SafeArrayDestroyDescriptor
VarBoolFromR4
VarR8FromI2
VarUI2FromI4
VarR8FromDec
SetVarConversionLocaleSetting
LHashValOfNameSys
VarI8FromUI1
VarI2FromUI8
VarUI2FromBool
VarBoolFromI4
VarI1FromStr
SafeArrayRedim
VarI4FromI8
VarBstrFromI4
VarUI1FromI8
OleLoadPicture
SafeArrayGetElement
SafeArrayGetDim

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

ole32

CoCreateGuid
OleInitialize
CoUninitialize
CoInitialize
StringFromCLSID
CoTaskMemAlloc
CoTaskMemFree
IIDFromString
CoCreateInstance
OleUninitialize
StringFromGUID2
CreateStreamOnHGlobal
CoInitializeSecurity

shell32

SHGetFileInfoW
ShellExecuteExW
SHFileOperationW
SHGetFolderPathW

kernel32

CompareFileTime
GetCurrentThreadId
CreateProcessW
InitializeCriticalSectionAndSpinCount
GetLongPathNameW
GetSystemDefaultLCID
IsValidCodePage
CloseHandle
FindResourceW
CopyFileW
SetThreadPriority
SetFilePointer
MapViewOfFile
SuspendThread
CreateEventW
HeapSize
IsProcessorFeaturePresent
CreateEventA
GetFileSize
EnterCriticalSection
VirtualQueryEx
GetExitCodeThread
FindNextFileW
GetSystemTime
OpenThread
SetUnhandledExceptionFilter
GetACP
SetThreadContext
FindClose
GetFullPathNameW
GetStdHandle
TlsGetValue
LoadResource
GetUserDefaultLCID
GetDriveTypeW
WideCharToMultiByte
GetCommandLineW
GetUserDefaultUILanguage
IsDebuggerPresent
GetFileAttributesExW
ReleaseMutex
LoadLibraryExW
GetThreadContext
WaitForSingleObject
UnmapViewOfFile
CreateProcessA
CompareStringW
FileTimeToSystemTime
QueueUserAPC
GetModuleHandleA
FindResourceExW
LeaveCriticalSection
HeapReAlloc
SwitchToThread
GetSystemTimeAsFileTime
GetDiskFreeSpaceExW
ReleaseSemaphore
DeleteAtom
HeapDestroy
GetSystemInfo
CreateFileA
LockResource
FlushFileBuffers
AddAtomW
HeapFree
OutputDebugStringW
SetLastError
FindAtomW
RaiseException
CreateFileMappingA
DeleteCriticalSection
CreateFileW
OpenProcess
DeleteFileW
SystemTimeToFileTime
lstrlenA
UnhandledExceptionFilter
TlsSetValue
GetLogicalDrives
SizeofResource
ResumeThread
ExpandEnvironmentStringsW
VirtualQuery
FormatMessageW
LocalFree
HeapSetInformation
MoveFileW
CreateThread
ReadFile
CreateMutexA
HeapAlloc
DuplicateHandle
GetProcessHeap
TlsAlloc
FindFirstFileW
WriteFile
VirtualProtect
VirtualAlloc
CompareStringA
CreateDirectoryW
FlushInstructionCache
GetModuleHandleW
lstrlenW
CreateSemaphoreW
SetEnvironmentVariableW
FreeLibrary
TlsFree
CreateFileMappingW
GetCurrentProcess
VirtualAllocEx

user32

SetTimer
RegisterClassW
DispatchMessageW
ShowWindow
DestroyWindow
CreateWindowExW
GetSystemMetrics
LoadStringW
CharNextW
SystemParametersInfoA
LoadImageW
GetMessageTime
PeekMessageW
TranslateMessage
LoadIconW
MessageBoxExW
UpdateLayeredWindow
KillTimer
UnregisterClassW
DefWindowProcW
MessageBoxW
MsgWaitForMultipleObjectsEx
GetWindowTextW

crypt32

CryptUnprotectData

advapi32

RegDeleteValueW
CryptAcquireContextW
RegQueryInfoKeyA
RegQueryInfoKeyW
CryptDestroyHash
RegDeleteKeyW
CryptDestroyKey
CryptImportKey
CryptHashData
AllocateAndInitializeSid
CheckTokenMembership
GetTokenInformation
RegEnumValueW
ConvertSidToStringSidW
RegEnumKeyW
ConvertStringSecurityDescriptorToSecurityDescriptorW
OpenProcessToken
RegQueryValueExW
RegQueryValueExA
RegEnumKeyExA
RegEnumValueA
RegCreateKeyExW
IsValidSid
CryptCreateHash
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyExA
RegCloseKey
RegSetValueExW
CryptVerifySignatureW
CryptReleaseContext
FreeSid
RegEnumKeyExW
RegDeleteValueA

shlwapi

PathFileExistsW
PathAppendW
PathFindExtensionW
PathAddBackslashW
PathIsFileSpecW
PathMatchSpecW
PathRemoveBlanksW
SHCreateStreamOnFileEx
PathStripPathW
PathIsDirectoryW
StrToInt64ExW
AssocQueryStringW
PathRemoveFileSpecW
PathRemoveBackslashW
PathFindFileNameW
PathRenameExtensionW
StrToIntExW
StrToIntW
PathCombineW

gdi32

DeleteObject
DeleteDC
GetObjectW
CreateCompatibleDC
SelectObject

ntprint

PSetupSelectDriver
PSetupDestroyPrinterDeviceInfoList
ClassInstall32
PSetupDestroyDriverInfo3

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 59KB - Virtual size: 878KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 158KB - Virtual size: 733KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee62e323b06e5c1498e0759e98c18d47

Headers

File Characteristics

Imports

oleaut32

version

ole32

shell32

kernel32

user32

crypt32

advapi32

shlwapi

gdi32

ntprint

Sections

.text Size: 20KB - Virtual size: 19KB

.bss Size: 59KB - Virtual size: 878KB

.reloc Size: 158KB - Virtual size: 733KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 49KB - Virtual size: 53KB

.rsrc Size: 19KB - Virtual size: 22KB

.text
Size: 20KB - Virtual size: 19KB

.bss
Size: 59KB - Virtual size: 878KB

.reloc
Size: 158KB - Virtual size: 733KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 49KB - Virtual size: 53KB

.rsrc
Size: 19KB - Virtual size: 22KB