f9f91186cad3053e7fdb2cb41ceba0a0bb24dfaced3c0a5e83331c971e9a5c2b

Sharing

Copy URL Twitter E-mail

General

Target

f9f91186cad3053e7fdb2cb41ceba0a0bb24dfaced3c0a5e83331c971e9a5c2b
Size

157KB
MD5

4919365ee10d6b1629e8f6d7343f8c3e
SHA1

573428dea02bf3947e46a1c02e34d2d0b7d51ca3
SHA256

f9f91186cad3053e7fdb2cb41ceba0a0bb24dfaced3c0a5e83331c971e9a5c2b
SHA512

ecc453c089bfaed84e6af6cd866addfc046c3a8cf448fb007d9c9576600b8fc7e6fc0a951541edcedfb57a7426707446f7d727b145cb1de5c39955ab5df30408
SSDEEP

3072:0IYKZryUy2VTuiT7YOsi3ciF/dHM4MOgB7LVpfvVjKHqNOcvHUqPJ/SrVwMqot8Z:1g6TfT7cij05B7LVpvttNOFqPpqVenR

Score

N/A

Malware Config

Signatures

Files

f9f91186cad3053e7fdb2cb41ceba0a0bb24dfaced3c0a5e83331c971e9a5c2b
.exe windows x86

4dddc5cbbc6f2f5599d582361d18dca1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
VerFindFileA
GetFileVersionInfoSizeW

shell32

SHGetFolderPathW
DragAcceptFiles

kernel32

GetStdHandle
GetThreadLocale
GetTickCount
GetVersion
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
LoadLibraryExA
GetStartupInfoA
LocalFree
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
RtlUnwind
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteFile
lstrcpynA
lstrlenA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetCurrentThreadId
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitThread
ExitProcess
EnterCriticalSection
DeleteCriticalSection
CreateThread
LocalAlloc

advapi32

RegCreateKeyExW
SystemFunction014
SetSecurityDescriptorDacl
SetSecurityDescriptorControl
RegSetValueExW
RegQueryValueExA
OpenProcessToken
LsaSetQuotasForAccount
LsaGetSystemAccessAccount
InitializeSecurityDescriptor
GetUserNameW
GetLengthSid
FreeSid
CryptSetProvParam
CryptImportKey
CheckTokenMembership
AreAnyAccessesGranted
AllocateAndInitializeSid
AdjustTokenPrivileges
AddAccessAllowedAce
OpenThreadToken

rpcrt4

NdrPointerMarshall
RpcSsGetContextBinding
RpcSsDestroyClientContext
RpcSmDisableAllocate
RpcServerInqIf
RpcIfIdVectorFree
RpcAsyncRegisterInfo
CStdStubBuffer_Disconnect
CStdStubBuffer_QueryInterface
NdrEncapsulatedUnionBufferSize
NdrFixedArrayFree
NdrFixedArrayMemorySize
NdrFullPointerXlatFree
NdrMesSimpleTypeDecode
NdrRpcSsEnableAllocate
NdrServerCall2
NdrSimpleStructUnmarshall
NdrSimpleTypeUnmarshall
NdrXmitOrRepAsFree
NdrpReleaseTypeGenCookie
RpcAsyncCancelCall

winmm

waveOutGetVolume
waveInOpen
mmsystemGetVersion
mmioWrite
midiStreamRestart
midiOutClose
midiInReset
joyGetThreshold
aux32Message

user32

IntersectRect
IsWindowUnicode
DispatchMessageA
KillTimer
WaitForInputIdle
UpdateWindow
UnpackDDElParam
ToUnicode
ShowWindow
SetTimer
SetClipboardViewer
RegisterClassA
PtInRect
BringWindowToTop
CloseClipboard
CreateIconFromResourceEx
CreateMenu
CreateWindowExA
DefWindowProcA
DestroyMenu
DestroyWindow
GetWindowPlacement
EnableScrollBar
GetComboBoxInfo
GetDC
GetDlgItem
GetListBoxInfo
GetMessageA
GetNextDlgTabItem
GetPriorityClipboardFormat
GetShellWindow
PostQuitMessage

msvcrt

_XcptFilter
__CxxFrameHandler
__badioinfo
__dllonexit
__doserrno
__pioinfo
_amsg_exit
_atoi64
_errno
_execl
_fileno
_getche
_heapused
_initterm
_iob
_isatty
_ismbcspace
_ismbcsymbol
_itow
_lrotl
_lseeki64
_memicmp
_onexit
_popen
_purecall
_setsystime
_snprintf
_snwprintf
_spawnl
_spawnlp
_stricmp
_strnicmp
_vsnwprintf
_wcslwr
_wcsnicmp
_wcsupr
_wctime
_wgetenv
_wrename
_write
_wsetlocale
_wstrtime
_wtmpnam
_wtol
atoi
atol
ceil
feof
fgets
fprintf
fseek
ftell
isleadbyte
isprint
isspace
iswalnum
iswalpha
iswdigit
iswprint
iswspace
iswupper
ldexp
malloc
memcpy
memmove
printf
qsort
realloc
sscanf
strchr
strcpy
strcspn
strncat
strncmp
strstr
strtoul
swscanf
towlower
towupper
wcsncmp
wcsncpy
wcsrchr
wctomb

Exports

Exports

CreateTexture
HrIndexOfWeek
IsHttpUrlA
Restore

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4dddc5cbbc6f2f5599d582361d18dca1

Headers

DLL Characteristics

File Characteristics

Imports

version

shell32

kernel32

advapi32

rpcrt4

winmm

user32

msvcrt

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 87KB - Virtual size: 86KB

.data Size: 15KB - Virtual size: 15KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 87KB - Virtual size: 86KB

.data
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 2KB - Virtual size: 1KB