9d909791326eb78ba5a756aa7b36f62f94ad9981bd6ddfc5e652254f75ca7916

Sharing

Copy URL Twitter E-mail

General

Target

9d909791326eb78ba5a756aa7b36f62f94ad9981bd6ddfc5e652254f75ca7916
Size

254KB
MD5

7be77e3da03543deb4ffd61613f0b377
SHA1

ff0fd4b7d96008687b7b9f96348b8c3e467926d0
SHA256

9d909791326eb78ba5a756aa7b36f62f94ad9981bd6ddfc5e652254f75ca7916
SHA512

755308f6da1197345a0e9809f9071220c84e3300909f8f7c65640bcb68b4563d270839fbe20678ce6d8b1a154746c005aee6e3974aacb5eabed3f061ba4536ba
SSDEEP

6144:zS9BWPE8aYrQl9LD3fWXWSRyfmX0aP2I8wYRjgzy0:UmE8aYrGPMWSR+mX0aPl8te

Score

N/A

Malware Config

Signatures

Files

9d909791326eb78ba5a756aa7b36f62f94ad9981bd6ddfc5e652254f75ca7916
.exe windows x86

11c8edef0b26ad46b6e9f0ed2b8d217d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
VirtualAlloc
IsValidCodePage
GetOEMCP
GetACP
IsDebuggerPresent
CompareStringA
WideCharToMultiByte
lstrcmpW
GetModuleHandleW
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
SetLastError
UnhandledExceptionFilter
SetErrorMode
lstrlenW
Beep
GetFileSize
WriteFile
ExpandEnvironmentStringsA
GetComputerNameW
OpenProcess
CreateProcessW
GetWindowsDirectoryW
LoadLibraryExW
GetProcessHeap
HeapAlloc
CreateFileW
CloseHandle
HeapFree
FreeLibrary
FindResourceW
LoadResource
LockResource
GetSystemTimeAsFileTime
VirtualFree
GetFileType
SetHandleCount
GetCommandLineW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
HeapSize
HeapReAlloc
RaiseException
RtlUnwind
lstrlenA
SetEndOfFile
FlushFileBuffers
SetFilePointer
ReadFile
FreeResource
GlobalFindAtomW
GlobalFlags
GetModuleHandleA
WritePrivateProfileStringW
SizeofResource
CompareStringW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalAddAtomW
CreateEventW
GlobalDeleteAtom
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA

user32

GetWindowTextLengthW
GetForegroundWindow
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
SetFocus
SetScrollInfo
DefWindowProcW
WinHelpW
CopyRect
GetMenu
GetSubMenu
GetMenuItemCount
SetWindowLongW
SetWindowPos
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
ReleaseCapture
GetCapture
WindowFromPoint
SetCapture
GetDesktopWindow
GetWindow
GetDlgCtrlID
SendDlgItemMessageA
SendDlgItemMessageW
LoadIconW
RegisterWindowMessageW
IsWindow
RemovePropW
GetPropW
SetPropW
GetClassLongW
GetScrollInfo
GetMenuItemID
AppendMenuW
DrawEdge
FrameRect
CopyIcon
GetDoubleClickTime
ClipCursor
InvertRect
GetIconInfo
DrawStateW
DrawIconEx
CheckDlgButton
CallWindowProcW
GetMenuState
UnhookWindowsHookEx
PostQuitMessage
PostMessageW
CheckMenuItem
IsDlgButtonChecked
IsDialogMessageW
MoveWindow
ShowWindow
DestroyIcon
InflateRect
DestroyMenu
SystemParametersInfoW
SetRectEmpty
CreatePopupMenu
InvalidateRect
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
IsRectEmpty
GetSystemMenu
SetRect
SetTimer
KillTimer
MessageBeep
EnableMenuItem
ModifyMenuW
SendMessageW
GetParent
GetFocus
LoadBitmapW
GetWindowRect
GetClassNameW
PtInRect
GetWindowTextW
SetWindowTextW
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
UnregisterClassW
LoadCursorW
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetWindowThreadProcessId
LoadStringW
LoadImageW
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions

gdi32

CreateBitmap
SaveDC
RestoreDC
SetBkColor
SetBkMode
SetTextColor
SetMapMode
GetClipBox
LineTo
MoveToEx
DeleteObject
GetObjectW
BitBlt
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
CreatePen
CreateSolidBrush
CreateFontIndirectW
GetTextExtentPoint32W
PatBlt
CreateCompatibleBitmap
GetTextMetricsW
GetBkColor
SetViewportOrgEx
GetDeviceCaps
RoundRect
SetPixel
RealizePalette
GetDIBColorTable
CreatePalette
CreateHalftonePalette
GetCurrentObject

advapi32

GetUserNameW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyW
RegQueryValueW
RegCreateKeyExW
RegSetValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegOpenKeyExA
LookupAccountSidW
GetTokenInformation
CreateProcessAsUserW
SetSecurityInfo
SetEntriesInAclW
BuildExplicitAccessWithNameW
GetSecurityDescriptorDacl
GetSecurityInfo
RegQueryValueExA

shell32

ShellExecuteW

shlwapi

PathFindFileNameW
PathFindExtensionW

oleaut32

VariantInit
VariantChangeType
VariantClear

winmm

sndPlaySoundW

comctl32

_TrackMouseEvent

query

FsCiShutdown
LoadIFilter
CIBuildQueryNode
CITextToSelectTree
InitializeCIISAPIPerformanceData

serwvdrv

wodMessage

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.NGL
Size: 512B - Virtual size: 474B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yry
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.V
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RgX
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.c
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.s
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 212KB - Virtual size: 370KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.M
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11c8edef0b26ad46b6e9f0ed2b8d217d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

oleaut32

winmm

comctl32

query

serwvdrv

Sections

.text Size: 19KB - Virtual size: 18KB

.NGL Size: 512B - Virtual size: 474B

.yry Size: 2KB - Virtual size: 2KB

.V Size: 1024B - Virtual size: 1KB

.RgX Size: 1KB - Virtual size: 1KB

.rdata Size: 8KB - Virtual size: 8KB

.c Size: 1KB - Virtual size: 1KB

.s Size: 1024B - Virtual size: 1KB

.data Size: 212KB - Virtual size: 370KB

.M Size: 2KB - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 19KB - Virtual size: 18KB

.NGL
Size: 512B - Virtual size: 474B

.yry
Size: 2KB - Virtual size: 2KB

.V
Size: 1024B - Virtual size: 1KB

.RgX
Size: 1KB - Virtual size: 1KB

.rdata
Size: 8KB - Virtual size: 8KB

.c
Size: 1KB - Virtual size: 1KB

.s
Size: 1024B - Virtual size: 1KB

.data
Size: 212KB - Virtual size: 370KB

.M
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 3KB