d9c2fa82ed3eb09ea94636bc849b450ea468850367718942f3e6a96f051ea529

Sharing

Copy URL Twitter E-mail

General

Target

d9c2fa82ed3eb09ea94636bc849b450ea468850367718942f3e6a96f051ea529
Size

194KB
MD5

8c8c2c249ae5534dfe53901f0ed6357d
SHA1

dc18ab22741037a6717cbbfaa3a2caa06715372e
SHA256

d9c2fa82ed3eb09ea94636bc849b450ea468850367718942f3e6a96f051ea529
SHA512

1a921d348194c8bd8056fb0cc487c54a3b11e99a7ea0ab17af67c1d9f8314d8d29cf87119cede657e8b94cadfcbd5bb087191ac6ec764d0bdab25415d085bd28
SSDEEP

3072:pJ99+LfS88NwPUu0OaV4KuyMJyNNHiNKchh5vbuGLHpuBh4v2CfIhNFuou5E6gsd:pz9afF5TuauP0fOFuou5E6LJ

Score

N/A

Malware Config

Signatures

Files

d9c2fa82ed3eb09ea94636bc849b450ea468850367718942f3e6a96f051ea529
.exe windows x86

8188d7a5b17b0d209d3fcc5a4460d18b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UnhookWinEvent
MsgWaitForMultipleObjects
SetWinEventHook
GetWindowInfo
OemToCharBuffA
UnregisterHotKey
ReplyMessage
MessageBoxExA
AnimateWindow
CharToOemBuffA
DeleteMenu
EnumWindowStationsA
SetPropW

gdi32

CreateDCA
CreateColorSpaceW
CreateColorSpaceA
CreateDIBSection
CombineRgn
AnimatePalette

mpr

WNetDisconnectDialog
WNetAddConnection3W
WNetGetUniversalNameW
WNetCancelConnection2W
WNetGetUserW

kernel32

HeapAlloc
LoadLibraryW
HeapReAlloc
HeapFree
IsValidCodePage
GetOEMCP
CreateFileW
CloseHandle
GetStringTypeW
LCMapStringW
HeapSize
WideCharToMultiByte
GetACP
GetCPInfo
RtlUnwind
SetFilePointer
MultiByteToWideChar
WriteConsoleW
VerLanguageNameA
GetProfileSectionA
VirtualQueryEx
GlobalFindAtomW
GlobalFree
EnumCalendarInfoExW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
GetCurrentProcess
GetCommandLineA
HeapSetInformation
GetStartupInfoW
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetLastError
GetFileType
WriteFile
GetConsoleCP
GetConsoleMode
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetProcAddress
ExitProcess
SetHandleCount
GetStdHandle
DeleteCriticalSection
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
Sleep

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 155KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8188d7a5b17b0d209d3fcc5a4460d18b

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

mpr

kernel32

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 3KB - Virtual size: 16KB

.rsrc Size: 155KB - Virtual size: 156KB

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 3KB - Virtual size: 16KB

.rsrc
Size: 155KB - Virtual size: 156KB