9f9b2a0dfa5be79a0ae06a15be07e3846eeb6e5e8f361b53f0a361dadca2d98e

Sharing

Copy URL Twitter E-mail

General

Target

9f9b2a0dfa5be79a0ae06a15be07e3846eeb6e5e8f361b53f0a361dadca2d98e
Size

88KB
MD5

1ce808e1bbf574b1332a0ba114222f33
SHA1

686d3e88806bca3f96a3fa2263bb55421878195c
SHA256

9f9b2a0dfa5be79a0ae06a15be07e3846eeb6e5e8f361b53f0a361dadca2d98e
SHA512

b0f0b89a390ceee8fe9d003999d8a97f98fbf8aaad71f34db4174616f6cf8586947f26f9af8e889100a0df8c30955f49e27f34fec38da0a477eb51f900e5b08f
SSDEEP

1536:6n7U13J6JOx+m8411mTegBj4m5wdCp6hIrqAs9pvZN0550aW7bTI:W7U13J6Jwx841QZjj8OW36SBTI

Score

N/A

Malware Config

Signatures

Files

9f9b2a0dfa5be79a0ae06a15be07e3846eeb6e5e8f361b53f0a361dadca2d98e
.exe windows x86

e5f805e2ef68a7807d552c95171f86cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
strlen
time
strstr
memset
fopen
printf
sprintf
exit
strcat
strcpy
fclose
fread
fgetc
fseek
ftell

kernel32

GetStartupInfoA
GetModuleHandleA
GetSystemDirectoryA
lstrlenA
lstrcpyA
lstrcatA
Process32Next
GetCurrentProcessId
Process32First
CreateToolhelp32Snapshot
DeleteFileA
Sleep
GetPrivateProfileIntA
WritePrivateProfileStringA
GetTickCount
GetModuleFileNameA
WinExec
CloseHandle
WriteFile
CreateFileA
MoveFileA
VirtualProtect

user32

SystemParametersInfoA
EnumWindows
PostMessageA
CharUpperA
ActivateKeyboardLayout
GetKeyboardLayoutList

advapi32

RegQueryValueExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA

shell32

SHGetSpecialFolderPathA

imm32

ImmInstallIMEA

Sections

.text
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dsf0
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.dsf1
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5f805e2ef68a7807d552c95171f86cc

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

shell32

imm32

Sections

.text Size: - Virtual size: 2KB

.rdata Size: - Virtual size: 1KB

.data Size: - Virtual size: 110KB

.rsrc Size: 4KB - Virtual size: 1KB

.dsf0 Size: - Virtual size: 20KB

.dsf1 Size: 76KB - Virtual size: 72KB

.reloc Size: 4KB - Virtual size: 88B

.text
Size: - Virtual size: 2KB

.rdata
Size: - Virtual size: 1KB

.data
Size: - Virtual size: 110KB

.rsrc
Size: 4KB - Virtual size: 1KB

.dsf0
Size: - Virtual size: 20KB

.dsf1
Size: 76KB - Virtual size: 72KB

.reloc
Size: 4KB - Virtual size: 88B