9a33b5645df38af021a057497a4b073fedf0213609a1ca237bb5ed6203e20e73

Sharing

Copy URL Twitter E-mail

General

Target

9a33b5645df38af021a057497a4b073fedf0213609a1ca237bb5ed6203e20e73
Size

280KB
MD5

2c4857b1e851561aa8efb93828afb25e
SHA1

c9c9e3f7ffc66a9e74a6abb41ff8cb120bd5c2a7
SHA256

9a33b5645df38af021a057497a4b073fedf0213609a1ca237bb5ed6203e20e73
SHA512

d3aa32dbe74895c508a5cfe68eda002940d3255b149c361b39b84db05769ec3bbd5fb20bc87c833bfe2f1530fd7794235267e29c4c6e610a463f153ed9e273f9
SSDEEP

6144:Av8Kp+fj7SObQm/PEVwLP0pNa7hTr2SbY912/b1cAUlEL:AEKKLQm/s48pNgprVbY9Ebms

Score

N/A

Malware Config

Signatures

Files

9a33b5645df38af021a057497a4b073fedf0213609a1ca237bb5ed6203e20e73
.exe windows x86

f6972afe780322ede0f49a22741223e2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysAllocStringByteLen
GetErrorInfo
LoadTypeLi
SafeArrayDestroy
SafeArrayUnlock
VariantClear
SafeArrayGetVartype
SysStringLen
SysStringByteLen
VariantInit
SysAllocStringLen
VarBstrCat
RegisterTypeLi
SysAllocString
LoadRegTypeLi
SafeArrayGetUBound
SysFreeString
SafeArrayLock
SafeArrayGetLBound
VarBstrCmp
UnRegisterTypeLi

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

ole32

CreateStreamOnHGlobal
CoTaskMemFree
CoCreateInstance
StringFromCLSID
CoCreateFreeThreadedMarshaler

user32

CharNextW
GetDC
GetDlgItemTextW
GetMessageA
GetMenuInfo
InsertMenuItemA
DefWindowProcW
RegisterClassA
PostMessageW
SetMenu
LoadBitmapW
CreateDialogIndirectParamW
LoadIconA
ShowCaret
CharPrevA
CharLowerA
PeekMessageA
LoadIconW
RemoveMenu

shlwapi

PathIsURLW
PathRemoveFileSpecW
PathIsRelativeW
PathFileExistsW
PathStripToRootW
PathRemoveExtensionW
PathFindFileNameW
PathCombineW
PathFindExtensionW
PathRenameExtensionW
PathCanonicalizeW

kernel32

FindResourceW
HeapDestroy
UnhandledExceptionFilter
LockResource
GlobalSize
IsDBCSLeadByteEx
GlobalLock
GetProcessHeap
GlobalUnlock
DeleteFileW
OutputDebugStringW
GlobalFree
IsProcessorFeaturePresent
GetFileSize
CloseHandle
GetCurrentDirectoryW
CreateFileW
FindResourceExW
DeleteCriticalSection
GetTempFileNameW
GlobalReAlloc
lstrlenW
IsDebuggerPresent
GlobalAlloc
LoadResource
HeapAlloc
GetCurrentThreadId
GetThreadLocale
FreeLibrary
SwitchToThread
HeapFree
GetSystemTimeAsFileTime
LeaveCriticalSection
GetFullPathNameW
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
HeapReAlloc
EnterCriticalSection
GetModuleHandleW
ReadFile
HeapSize
SizeofResource
CopyFileW
RaiseException
SetThreadLocale
VirtualAlloc

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

gdi32

GetClipBox

rpcns4

RpcNsBindingImportDone
I_RpcNsGetBuffer
RpcNsGroupMbrInqNextW
RpcIfIdVectorFree
RpcNsProfileEltInqDone
RpcNsBindingImportBeginA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 252KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f6972afe780322ede0f49a22741223e2

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

user32

shlwapi

kernel32

version

gdi32

rpcns4

Sections

.text Size: 22KB - Virtual size: 22KB

.data Size: 252KB - Virtual size: 311KB

.rdata Size: 3KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 22KB - Virtual size: 22KB

.data
Size: 252KB - Virtual size: 311KB

.rdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB