f9dd935ba09e778690e7738e404390fb16fcf3477259b275e532487cbe27af46

Sharing

Copy URL Twitter E-mail

General

Target

f9dd935ba09e778690e7738e404390fb16fcf3477259b275e532487cbe27af46
Size

77KB
MD5

158e86d7d3d6346ed267297567e3cf90
SHA1

41794c103f90fc35980ba49bac47ac0306e00132
SHA256

f9dd935ba09e778690e7738e404390fb16fcf3477259b275e532487cbe27af46
SHA512

6fa1f9d9d7fad9f6c6c865b9e9dbfa444e5bdb31796b470c8ec2753237b16d43399413092c62e8826cad4aa6cf968f43918f99aa4f11be03e565b7a016175284
SSDEEP

768:AJWgGoD8awKX2R279prYekoToGET/Roz+tgTw2x/niqnggIM5n5bDx:rJKX2R27vk3GET/R7t4/iqlnxDx

Score

N/A

Malware Config

Signatures

Files

f9dd935ba09e778690e7738e404390fb16fcf3477259b275e532487cbe27af46
.exe windows x86

674d438ad386ee6da0ccc1643efbaf86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStringA
WriteFile
CloseHandle
ReadFile
GetFileSize
CreateFileA
LockResource
LoadResource
FindResourceA
GetTempPathA
GetModuleFileNameA
GetLastError
CreateMutexA
CreateProcessA
GetExitCodeProcess
WaitForSingleObject
TerminateProcess
Sleep
Process32Next
Process32First
CreateToolhelp32Snapshot
VirtualFreeEx
WideCharToMultiByte
lstrlenW
ReadProcessMemory
VirtualAllocEx
SetEndOfFile
LoadLibraryA
GetProcAddress
GetPrivateProfileIntA
WritePrivateProfileStringA
OpenProcess
DeleteFileA
GetOEMCP
GetACP
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
GetCPInfo
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
HeapFree
HeapAlloc
InterlockedDecrement
InterlockedIncrement
ResumeThread
CreateThread
TlsSetValue
ExitThread
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetCurrentThreadId
TlsAlloc
SetLastError
TlsGetValue
GetCurrentProcess
UnhandledExceptionFilter
RtlUnwind
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetFileAttributesA

advapi32

RegOpenKeyExA
RegDeleteValueA
RegCloseKey
RegSetValueExA

shell32

SHFileOperationA
SHGetSpecialFolderPathA

user32

PostMessageA
SendMessageA
FindWindowExA
ShowWindow
wsprintfA
GetWindowThreadProcessId
FindWindowA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

wininet

InternetCloseHandle
InternetOpenUrlA
InternetOpenA
HttpQueryInfoA
InternetReadFile

Sections

KuNgBiM
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

KuNgBiM
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

674d438ad386ee6da0ccc1643efbaf86

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

user32

version

wininet

Sections

KuNgBiM Size: 68KB - Virtual size: 68KB

KuNgBiM Size: 6KB - Virtual size: 8KB

.avc Size: 2KB - Virtual size: 4KB

KuNgBiM
Size: 68KB - Virtual size: 68KB

KuNgBiM
Size: 6KB - Virtual size: 8KB

.avc
Size: 2KB - Virtual size: 4KB