6a9c9ffd5c1bcdd4cdad0b4b86cff553a6f1a7338eec1c9fb3e6a5f181c6df41

Sharing

Copy URL Twitter E-mail

General

Target

6a9c9ffd5c1bcdd4cdad0b4b86cff553a6f1a7338eec1c9fb3e6a5f181c6df41
Size

458KB
MD5

249cab2e40007f1154dceb8f442044e0
SHA1

e4f2b339a3210c97c1fc2d9548a3008ad8d7644d
SHA256

6a9c9ffd5c1bcdd4cdad0b4b86cff553a6f1a7338eec1c9fb3e6a5f181c6df41
SHA512

390e2050f2f74ee7d2967321fd3513ae6b20323cdc8b71aee554c8ed42d6e2315f8a94f233c9d806b7d0ebfcfc08a3c9b2cb0beb0af854943ec93adc3a239c0b
SSDEEP

6144:lRs29LnNDfJW3hmkUALpbUiuyjm3PMOt2U+4F2KPXJ4HI3ifeFn2zTG8GfHMzQYG:LLZNhwmkUUp0EBUl94IAeYG

Score

N/A

Malware Config

Signatures

Files

6a9c9ffd5c1bcdd4cdad0b4b86cff553a6f1a7338eec1c9fb3e6a5f181c6df41
.exe windows x86

13fdaa9127fb44bb2be733d659492b27

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dnsapi

DnsReplaceRecordSetW

ntdll

RtlAnsiStringToUnicodeString
wcslen
RtlUnicodeToMultiByteSize
_wcsicmp
RtlUnicodeStringToAnsiString
RtlUnwind
RtlIsNameLegalDOS8Dot3
memmove
_chkstk
_vsnwprintf
NtQueryVirtualMemory
RtlInitUnicodeStringEx

mswsock

GetAcceptExSockaddrs
AcceptEx

advapi32

RegQueryValueW
RegEnumValueW
RegOpenKeyExW
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegSetValueExW
RegQueryValueExW

ws2_32

freeaddrinfo
WSAStringToAddressA
WSASendTo
WSAAddressToStringW
WSALookupServiceBeginW
WSASocketW
WSALookupServiceEnd
getaddrinfo
WSARecvFrom
getnameinfo
WSAAddressToStringA
WSALookupServiceNextW
WSAEventSelect
WSAIoctl

gdi32

PatBlt
GetTextCharset
TextOutW
GetNearestColor
GetCharWidth32W
MoveToEx
CreateICW
CreatePen
ExcludeClipRect
SetTextColor
GetViewportExtEx
EnumFontFamiliesExW
SetViewportExtEx
GetTextMetricsW
CreateDCW
GetTextExtentPointW
SetWindowExtEx
DeleteDC
CreateDIBitmap
CreateCompatibleBitmap
ExtTextOutW
SetBkColor
DeleteObject
TranslateCharsetInfo
CreateFontIndirectW
CreateFontW
GetWindowExtEx
SelectObject
Rectangle
LineTo
GetStockObject
GetDeviceCaps
GetTextCharsetInfo
BitBlt
GetObjectW
SelectPalette
RealizePalette
CreateCompatibleDC
SetBkMode
CreateDiscardableBitmap
CreateSolidBrush
GetMapMode
SetMapMode
SelectClipRgn
CreateRectRgnIndirect

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance
CoTaskMemFree

comctl32

PropertySheetW
ImageList_Draw
ImageList_Destroy
InitCommonControlsEx
ImageList_GetIconSize
CreatePropertySheetPageW
CreateToolbarEx

user32

GetDlgItemTextW
CallNextHookEx
FrameRect
GetDlgItemInt
ScreenToClient
CheckDlgButton
IsWindow
CreateDialogIndirectParamA
EqualRect
ShowWindow
SetDlgItemTextW
IntersectRect
DeleteMenu
DefWindowProcW
PeekMessageW
CreateWindowExW
TranslateAcceleratorW
MessageBeep
GetKeyState
FillRect
GetSysColor
DialogBoxIndirectParamW
GetLastActivePopup
SendMessageW
RegisterWindowMessageA
GetSystemMetrics
LoadIconW
SetWindowPlacement
UnhookWindowsHookEx
IsWindowVisible
LockWindowUpdate
GetDlgItemTextA
SetPropW
PtInRect
DialogBoxIndirectParamAorW
EndDeferWindowPos
InflateRect
MapWindowPoints
SetWindowPos
WinHelpW
ReleaseDC
GetFocus
MessageBoxW
GetWindowRect
SetParent
BeginDeferWindowPos
SetTimer
FindWindowExW
CallWindowProcW
DlgDirListW
DeferWindowPos
MsgWaitForMultipleObjects
RegisterClipboardFormatW
GrayStringW
ValidateRect
CharLowerW
DrawIcon
LoadAcceleratorsW
SetCapture
KillTimer
DispatchMessageW
UpdateWindow
SetWindowTextW
GetSystemMenu
RegisterWindowMessageW
CopyRect
GetSysColorBrush
EnumChildWindows
CharNextA
GetDC
LoadImageW
SetDlgItemInt
DrawTextW
GetKeyboardLayout
GetWindowPlacement
DestroyWindow
GetWindowLongW
GetWindowLongA
DestroyMenu
IsDlgButtonChecked
RemovePropW
ClipCursor
CheckRadioButton
CreateDialogIndirectParamAorW
CreateDialogIndirectParamW
ChildWindowFromPoint
SetWindowsHookExW
EndDialog
DrawEdge
InvalidateRect
GetPropW
CreatePopupMenu
MoveWindow
GetDlgItem
GetParent
PostMessageW
SetWindowLongW
GetWindow
EnableWindow
SetDlgItemTextA
CharNextW
BeginPaint
GetClientRect
GetWindowTextLengthW
SetFocus
LoadStringW
IsWindowEnabled
GetDlgCtrlID
GetDialogBaseUnits
CharPrevW
SetCursor
SendDlgItemMessageW
EndPaint
TranslateMessage
ShowCursor
GetWindowTextW
LoadCursorW
DrawFocusRect
RedrawWindow

kernel32

LoadResource
CreateFileW
GetUserDefaultLCID
GetModuleHandleA
LocalSize
LoadLibraryW
LocalReAlloc
GetShortPathNameW
SetLastError
LocalFree
lstrcmpiW
FreeResource
InitializeCriticalSectionAndSpinCount
CloseHandle
GetCurrentProcessId
GlobalReAlloc
LocalAlloc
FreeLibraryAndExitThread
GetCurrentDirectoryW
TerminateProcess
FindResourceA
GetSystemDefaultUILanguage
InterlockedDecrement
lstrcpyW
GetTickCount
FormatMessageW
GetProcessVersion
GetVersionExA
CreateThread
GetSystemTimeAsFileTime
MultiByteToWideChar
GlobalAlloc
FreeLibrary
DeleteFileW
FindNextFileW
UnhandledExceptionFilter
LoadLibraryA
ResetEvent
GlobalUnlock
FindClose
DisableThreadLibraryCalls
lstrlenA
SetUnhandledExceptionFilter
WaitForSingleObject
LeaveCriticalSection
GetProcAddress
SetCurrentDirectoryW
GetModuleFileNameW
GetFileAttributesW
FindFirstFileW
TlsSetValue
WideCharToMultiByte
lstrlenW
ExpandEnvironmentStringsW
lstrcpyA
TlsFree
GlobalFree
TlsGetValue
GetACP
QueryPerformanceCounter
DeleteCriticalSection
CreateEventW
GetVolumeInformationW
lstrcpynW
LockResource
InterlockedCompareExchange
TlsAlloc
SetErrorMode
GetModuleHandleW
EnterCriticalSection
FindResourceExW
VirtualAlloc
SizeofResource
GetLastError
GetTempFileNameW
GetCurrentProcess
FindResourceW
MulDiv
DelayLoadFailureHook
SetEvent
GetDriveTypeW
GetFullPathNameW
InterlockedIncrement
GetCurrentThreadId
lstrcmpW
InterlockedExchange
GetLocaleInfoW
GlobalLock

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 405KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

13fdaa9127fb44bb2be733d659492b27

Headers

DLL Characteristics

File Characteristics

Imports

dnsapi

ntdll

mswsock

advapi32

ws2_32

gdi32

ole32

comctl32

user32

kernel32

Sections

.text Size: 14KB - Virtual size: 13KB

.rsrc Size: 20KB - Virtual size: 20KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 405KB - Virtual size: 1.8MB

.text
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 20KB - Virtual size: 20KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 405KB - Virtual size: 1.8MB