c9fe980315b4a6173172f63828e9d1f087e5fcdab309ea10f326505a3081ea64

Sharing

Copy URL

Twitter E-mail

General

Target

c9fe980315b4a6173172f63828e9d1f087e5fcdab309ea10f326505a3081ea64
Size

199KB
MD5

9fdb5c00a6f5c82c474754b78ce83884
SHA1

2ae7697ba6d3d99fd308314ebe31d5fbefa696ad
SHA256

c9fe980315b4a6173172f63828e9d1f087e5fcdab309ea10f326505a3081ea64
SHA512

d7efd6cecd97196830b7678fd852fa640fc81ef4d5e6c1d8f3a8b25db60f9ea722009a0d4ca9550c67288599ee73e4aaa7ebdffadcafc302bd003ab007ee257b
SSDEEP

3072:9Lv1uEf8uBwhGhDdXsrhmnc2l2EchnYeybWWeheZf3Hi+sCSTGl:19uEEThWXsrhTddnYeDbyw1

Score

N/A

Malware Config

Signatures

Files

c9fe980315b4a6173172f63828e9d1f087e5fcdab309ea10f326505a3081ea64
.exe windows x86

efcb71a61ad80f3cda7d70e18e188188

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

EnumProcessModules
GetModuleFileNameExW
GetModuleBaseNameW

comctl32

ImageList_ReplaceIcon
ImageList_Create
InitCommonControlsEx
ImageList_SetBkColor

ws2_32

recv
send
WSAStartup
socket
gethostbyname
htons
connect

kernel32

DeleteFileW
SetFileAttributesW
GetFileAttributesW
GetShortPathNameW
MoveFileW
FindClose
FindNextFileW
FindFirstFileW
VirtualFreeEx
WaitForSingleObject
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
TerminateProcess
MoveFileExW
ReadFile
WriteFile
CreateFileW
DuplicateHandle
Process32NextW
Module32NextW
OpenProcess
Module32FirstW
Process32FirstW
CreateToolhelp32Snapshot
CreateFileA
GetProcAddress
LoadLibraryA
GetLastError
GetCommandLineW
CreateThread
RemoveDirectoryW
InterlockedExchange
RtlUnwind
GetCPInfo
GetCurrentProcess
GetACP
FlushFileBuffers
SetStdHandle
SetFilePointer
VirtualQuery
GetSystemInfo
VirtualProtect
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
HeapSize
VirtualAlloc
VirtualFree
GetStringTypeW
HeapCreate
HeapDestroy
ExitProcess
GetVersionExA
GetCommandLineA
GetStartupInfoA
HeapAlloc
MultiByteToWideChar
GetModuleHandleA
GetStringTypeA
GetLongPathNameW
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
SetEndOfFile
LCMapStringA
LCMapStringW
CloseHandle
GetTickCount
GetOEMCP
Sleep
HeapReAlloc
GetModuleFileNameW
GetLocaleInfoA
HeapFree

user32

MessageBoxA
SendMessageA
DrawTextA
GetSystemMetrics
ReleaseCapture
PtInRect
LoadCursorA
SetCursor
SetCapture
DestroyCursor
CallWindowProcA
ClientToScreen
GetClientRect
MoveWindow
GetSysColor
ShowWindow
InvalidateRect
UpdateWindow
GetDlgItem
SendDlgItemMessageA
DialogBoxParamA
GetDlgItemTextW
LoadIconA
SetDlgItemTextA
SetDlgItemTextW
SetWindowTextA
PostMessageA
GetWindowRect
GetWindowPlacement
EndDialog
SetWindowPlacement
GetDC
SetWindowLongA

gdi32

CreateFontIndirectA
SelectObject
GetObjectA

advapi32

OpenProcessToken
RegSetValueExA
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA
ControlService
DeleteService
OpenSCManagerA
CreateServiceW
OpenServiceW
CloseServiceHandle
StartServiceA

shell32

SHGetMalloc
SHFileOperationW
ExtractIconExW
ShellExecuteExW
CommandLineToArgvW
ShellExecuteA
SHBrowseForFolderW
SHGetPathFromIDListW

ole32

CoInitialize
CoUninitialize

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

efcb71a61ad80f3cda7d70e18e188188

Headers

File Characteristics

Imports

psapi

comctl32

ws2_32

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 55KB - Virtual size: 54KB

.rdata Size: 41KB - Virtual size: 40KB

.data Size: 2KB - Virtual size: 27KB

.rsrc Size: 4KB - Virtual size: 3KB

.rmnet Size: 96KB - Virtual size: 96KB

.text
Size: 55KB - Virtual size: 54KB

.rdata
Size: 41KB - Virtual size: 40KB

.data
Size: 2KB - Virtual size: 27KB

.rsrc
Size: 4KB - Virtual size: 3KB

.rmnet
Size: 96KB - Virtual size: 96KB