9e089295024b1eacb3d66e40c66f1a984904aac54ecba58c496d1b6d96ff9285

Sharing

Copy URL Twitter E-mail

General

Target

9e089295024b1eacb3d66e40c66f1a984904aac54ecba58c496d1b6d96ff9285
Size

126KB
MD5

996367a9128421a5c5f841ac79c0d5da
SHA1

55b65a93be79699d51884479e7770f1a82875da0
SHA256

9e089295024b1eacb3d66e40c66f1a984904aac54ecba58c496d1b6d96ff9285
SHA512

1f9309060678b0cc8f4b5dd76a21a512066b88003a4ea4a6a13f1a611fc491535101e852e9d6358132b7d208135a96faa9c4230b8e9b107fbf7ddb2bfae0e04a
SSDEEP

3072:nBr7FnG6U8DtijgTzfzASuDmC0OqtrMtxONmLdVsg:nBrI6UItijgTbHuDmCvqtSDsg

Score

N/A

Malware Config

Signatures

Files

9e089295024b1eacb3d66e40c66f1a984904aac54ecba58c496d1b6d96ff9285
.exe windows x86

46b765e09a586e6e7a2e828bbd21e154

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

DllUnregisterServer
RegisterActiveObject
GetActiveObject

kernel32

HeapAlloc
GetProcessHeap
GetDriveTypeW
GetModuleFileNameW
GetFullPathNameW
GlobalFree
LoadLibraryA
LocalAlloc
GetSystemDirectoryW
QueryPerformanceCounter
ReadFile
CloseHandle
Sleep
HeapFree
InterlockedIncrement
FindFirstFileW
WriteFile
CreateDirectoryW
GetFileAttributesW
LocalFree
lstrlenW
CopyFileW
GetPrivateProfileStringW
ExpandEnvironmentStringsW
GetVolumeInformationW
GlobalAlloc
GetCommandLineW
GetPriorityClass
LoadLibraryW
GetProcAddress
GetTickCount
SetFilePointer
lstrcmpiW
GetDiskFreeSpaceExW
CreateMutexW
CreateProcessW
FindNextFileW
GetPrivateProfileIntW
UnhandledExceptionFilter
MultiByteToWideChar
SetCurrentDirectoryW
GetLastError
GetVersion
HeapSize
QueryDosDeviceW
lstrlenA
DeleteFileW
SetLastError
WaitForSingleObject
GetWindowsDirectoryW
FreeLibrary
lstrcmpW
InterlockedDecrement
CreateFileW
GetLogicalDriveStringsW
DeviceIoControl
GetStartupInfoA
LocalReAlloc
GetVersionExA
GetTimeFormatW
VirtualQuery
GetDateFormatW
FindClose
GetCurrentDirectoryW
OpenMutexW
TerminateProcess
GetSystemTimeAsFileTime
FormatMessageW
GetTempPathW
SetUnhandledExceptionFilter
GetCurrentProcess
OpenEventW
GetCurrentThreadId
GetModuleHandleA
ReleaseMutex
SetCommMask
RaiseException
GetExitCodeProcess
IsBadStringPtrA
GetPrivateProfileSectionW
HeapReAlloc
IsValidLocale
FormatMessageA
GetCurrentProcessId
WideCharToMultiByte
InterlockedExchange

ole32

CreateItemMoniker
CoInitialize
CoTaskMemFree
CoCreateInstance
GetRunningObjectTable
CoUninitialize

shell32

Shell_NotifyIconA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegisterServiceCtrlHandlerA
RegisterEventSourceA
DeregisterEventSource

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bjlbfz
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 129KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46b765e09a586e6e7a2e828bbd21e154

Headers

File Characteristics

Imports

oleaut32

kernel32

ole32

shell32

advapi32

Sections

.text Size: 10KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 121KB

.bjlbfz Size: 3KB - Virtual size: 3KB

.edata Size: 129KB - Virtual size: 243KB

.text
Size: 10KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 121KB

.bjlbfz
Size: 3KB - Virtual size: 3KB

.edata
Size: 129KB - Virtual size: 243KB