c9c825f54ea1dc25912e613d50b753c79d6305eb34f8ee1b7faa349f5d2e1f33

Sharing

Copy URL

Twitter E-mail

General

Target

c9c825f54ea1dc25912e613d50b753c79d6305eb34f8ee1b7faa349f5d2e1f33
Size

135KB
MD5

1f7aeec58011a0c2216cebbb8b4b76bc
SHA1

c05b595c9bdf62d5a35f00f5540b802d2049485f
SHA256

c9c825f54ea1dc25912e613d50b753c79d6305eb34f8ee1b7faa349f5d2e1f33
SHA512

9ff2911717a0ae4d13fbf4ca2df381f83e36efe2d2bd5263b769a8196a92eac22367d79586e8998fc057319a852725b249375a7d1813be99c5f1f705934aa75a
SSDEEP

3072:zukHvw5yW+XZ1QcekyBmjqyS9BRqKY5nQHQuXDMTde:zuCw+XTQclyMjqyS9B0KY5nXuXDue

Score

N/A

Malware Config

Signatures

Files

c9c825f54ea1dc25912e613d50b753c79d6305eb34f8ee1b7faa349f5d2e1f33
.exe windows x86

87f60dacc32b2ab1e388c26e1b6dbf0d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_purecall
_wtoi
_vsnwprintf
memmove
_ftol
_wtol
wcsstr
_onexit
__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
__wgetmainargs
_wcmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
wcslen
??2@YAPAXI@Z
_initterm
??3@YAXPAX@Z

atl

ord16
ord30
ord21

advapi32

GetUserNameW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
IsValidSid
CopySid
ImpersonateSelf
FreeSid
AllocateAndInitializeSid
InitiateSystemShutdownExW
RevertToSelf
OpenThreadToken
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegQueryValueExW
RegOpenKeyW
AddAccessAllowedAce
InitializeAcl
GetLengthSid
RegOpenKeyExW
RegCloseKey

kernel32

GetTickCount
FreeLibrary
GetProcAddress
OpenEventW
GetSystemTime
FileTimeToSystemTime
GetCommandLineW
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleA
GetTimeFormatW
CreateThread
GetLastError
GetCurrentProcess
DuplicateHandle
WaitForSingleObject
Sleep
ExitProcess
ReleaseMutex
SetEndOfFile
SetFilePointer
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSize
SetLastError
FlushFileBuffers
WriteFile
WideCharToMultiByte
HeapAlloc
SetEvent
CreateEventW
InterlockedDecrement
InterlockedIncrement
GetStartupInfoW
EnterCriticalSection
LoadLibraryExW
GetSystemDirectoryW
InitializeCriticalSectionAndSpinCount
GetSystemWindowsDirectoryW
ReadFile
CreateFileW
LeaveCriticalSection
DeleteFileW
MultiByteToWideChar
CreateDirectoryW
GetFileAttributesW
GetProcessHeap
HeapReAlloc
HeapFree
LockResource
GetModuleHandleW
GetUserDefaultUILanguage
CloseHandle
CompareFileTime
GetSystemTimeAsFileTime
LoadResource
CompareStringW
GetCurrentThread
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
ExpandEnvironmentStringsW
lstrlenW
GetVersionExW
VerSetConditionMask
VerifyVersionInfoW
FindResourceExW
CreateMutexW

gdi32

GetTextMetricsW
GetObjectW
DeleteDC
CreateCompatibleDC
GetStockObject
SetBkMode
SetTextColor
DeleteObject
CreateFontIndirectW
SelectObject

user32

PeekMessageW
GetSystemMetrics
LoadStringW
DestroyIcon
ReleaseDC
GetDC
SetWindowPos
SendMessageW
SetWindowTextW
GetDlgItem
DestroyWindow
PostQuitMessage
IsWindowVisible
GetSysColor
GetFocus
DrawFocusRect
PtInRect
FillRect
LoadCursorW
SetCursor
SetCapture
ScreenToClient
ReleaseCapture
InvalidateRect
GetClassInfoExW
RegisterClassExW
DefWindowProcW
CreateDialogParamW
FindWindowW
FindWindowExW
DrawAnimatedRects
SetWindowLongW
CreateWindowExW
GetWindowTextLengthW
CheckDlgButton
GetClientRect
DrawIconEx
SetRect
DrawEdge
GetParent
BeginPaint
EndPaint
IsDlgButtonChecked
GetDlgItemTextW
GetSystemMenu
EnableMenuItem
SetFocus
SendDlgItemMessageW
SetDlgItemTextW
TranslateMessage
DispatchMessageW
LoadImageW
MsgWaitForMultipleObjects
IsDialogMessageW
ShowWindow
SetTimer
SetForegroundWindow
KillTimer
ExitWindowsEx
CharNextW
MapWindowPoints
GetWindowRect
DrawTextW
EnableWindow
SystemParametersInfoW
GetWindowLongW
GetWindowTextW

comctl32

InitCommonControlsEx

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance
CoTaskMemFree
StringFromCLSID
CoInitialize
CoTaskMemAlloc

oleaut32

SystemTimeToVariantTime

wuaucpl.cpl

ord1
ord4
ord2
ord3

wuaueng

ord1

msimg32

GradientFill

shell32

Shell_NotifyIconW

shlwapi

PathIsUNCW
PathStripToRootW
PathIsRelativeW
PathIsRootW
StrChrW
StrRChrW
PathFindExtensionW

wintrust

WTHelperGetProvCertFromChain
WTHelperProvDataFromStateData
WTHelperGetProvSignerFromChain
WinVerifyTrust

crypt32

CertGetCertificateContextProperty
CryptHashPublicKeyInfo

Sections

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

aaiyswu
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

87f60dacc32b2ab1e388c26e1b6dbf0d

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

atl

advapi32

kernel32

gdi32

user32

comctl32

ole32

oleaut32

wuaucpl.cpl

wuaueng

msimg32

shell32

shlwapi

wintrust

crypt32

Sections

.text Size: 73KB - Virtual size: 73KB

.data Size: 512B - Virtual size: 2KB

.rsrc Size: 60KB - Virtual size: 61KB

aaiyswu Size: - Virtual size: 4KB

.text
Size: 73KB - Virtual size: 73KB

.data
Size: 512B - Virtual size: 2KB

.rsrc
Size: 60KB - Virtual size: 61KB

aaiyswu
Size: - Virtual size: 4KB