be9a931bd1fa91dacdf3138508ce3d95cb62cfbaab866ab3397f15f1c5f1c22f

Sharing

Copy URL Twitter E-mail

General

Target

be9a931bd1fa91dacdf3138508ce3d95cb62cfbaab866ab3397f15f1c5f1c22f
Size

247KB
MD5

479ac365eb76d220fb9fca258bf8ddf5
SHA1

032ff0c2ffcf588d5a9f96af5a86a956fdddc9ed
SHA256

be9a931bd1fa91dacdf3138508ce3d95cb62cfbaab866ab3397f15f1c5f1c22f
SHA512

6f20b408adbd65e7b34b5e394d7316607d1c037703a727074d5a37927edb16455e6b6056b185af524f173001404c7aaf74a594c44109710fd29ebcaa71d928f8
SSDEEP

6144:ysAi5bs3426U6T02I5ddoh94V2w/wCNTWs4GkgAdQGz8:15bs3426Uo0l949pHqTugAdQd

Score

N/A

Malware Config

Signatures

Files

be9a931bd1fa91dacdf3138508ce3d95cb62cfbaab866ab3397f15f1c5f1c22f
.exe windows x86

9be5021d0a5e0c0a6421d7aa2d438108

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
CreateFileW
GetStringTypeW
LCMapStringW
HeapReAlloc
WriteConsoleW
MultiByteToWideChar
SetFilePointer
LoadLibraryW
ReadFile
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentProcessId
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
Sleep
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
CompareStringW
GetLastError
LoadLibraryA
GetProcAddress
GlobalUnlock
GetModuleHandleA
InitializeCriticalSection
GetModuleFileNameA
GetTickCount
GlobalFree
DeleteCriticalSection
GetCommandLineA
FindFirstFileA
CreateDirectoryA
CreateFileA
GetFileSize
CloseHandle
HeapAlloc
GlobalAlloc
QueryPerformanceFrequency
GetSystemTime
SystemTimeToFileTime
SetFileTime
GetProcessHeap
GetCurrentProcess
HeapSize
RaiseException
RtlUnwind
GetSystemTimeAsFileTime
HeapSetInformation
GetStartupInfoW
EncodePointer
HeapFree
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DecodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetCurrentThreadId
InterlockedDecrement
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
HeapCreate
SetStdHandle
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetFileType
WideCharToMultiByte
SetEnvironmentVariableA

user32

LoadMenuA
CreateWindowExA
LoadBitmapA
GetDC
SendMessageA
FillRect
MessageBoxA
GetScrollPos
SystemParametersInfoA
ShowWindow
LoadImageA
CreateAcceleratorTableA
EndDialog
GetClientRect
GetWindow
SetCapture
DialogBoxParamA
DestroyWindow
SetScrollInfo
InvalidateRect
wsprintfA
GetWindowLongA
SetWindowLongA
CheckDlgButton
SetDlgItemTextA
BeginPaint
GetForegroundWindow
GetWindowThreadProcessId
GetGUIThreadInfo
EnumWindows
WindowFromDC
PostQuitMessage

gdi32

CreateCompatibleDC
SelectObject
BitBlt
GetStockObject
CreateSolidBrush
TextOutW
SetPixel
DeleteDC
SetBkMode
CreateFontA
SetTextColor
EndPage
EndDoc
DeleteObject
GetObjectA

comdlg32

GetFileTitleW
PrintDlgA

advapi32

LookupAccountSidA
GetTokenInformation
EqualSid

comctl32

ord17
InitCommonControlsEx

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 150KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9be5021d0a5e0c0a6421d7aa2d438108

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

comctl32

Sections

.text Size: 78KB - Virtual size: 78KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 150KB - Virtual size: 166KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 78KB - Virtual size: 78KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 150KB - Virtual size: 166KB

.rsrc
Size: 1KB - Virtual size: 1KB