9133ad639002bfb92cef3c140e44293a7f2db985319718940fa53612e5013692

Sharing

Copy URL

Twitter E-mail

General

Target

9133ad639002bfb92cef3c140e44293a7f2db985319718940fa53612e5013692
Size

732KB
MD5

273c832e4fac1d5de39d520dec6afa50
SHA1

fbe5f784a01708ed69e5bde2a254fb4d34b48231
SHA256

9133ad639002bfb92cef3c140e44293a7f2db985319718940fa53612e5013692
SHA512

8c6ebbee3b3437f53ce5e45dbd5ce34e63f2513ea9f9dad71aa0db00141d3fc823a67ca94bcd93bffb87b08af2a3b43e2f3bb356a13b985f14e6d1be23f323f4
SSDEEP

12288:r60N75TrA5UjDxtfV48o5P7cpYJ+rPR01C5eAYMleI86W3wsdpPnEjTo:d75fA5YxtNO5PGRu4JVw93

Score

N/A

Malware Config

Signatures

Files

9133ad639002bfb92cef3c140e44293a7f2db985319718940fa53612e5013692
.exe windows x86

de31040f5e7db7f8d2e204ea034032df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imjp81k

CreateIRegManInstance

kernel32

lstrlenA
LockResource
LoadResource
GetVersionExA
CreateFileW
DeleteFileW
FindFirstFileW
FindFirstFileA
FindNextFileW
FindNextFileA
FindResourceA
FindResourceExA
GetFullPathNameW
GetFullPathNameA
GetModuleFileNameA
InterlockedIncrement
InterlockedDecrement
GetSystemDefaultLangID
SetLastError
GetTimeFormatA
GetDateFormatA
GetThreadLocale
GetBinaryTypeA
GetWindowsDirectoryA
GetEnvironmentVariableA
SetFilePointer
lstrcatA
LocalFree
LocalAlloc
lstrcpynA
GetCurrentProcess
LCMapStringA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
lstrcpyA
HeapSize
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapFree
HeapAlloc
RtlUnwind
WaitForSingleObject
CreateMutexA
ReleaseMutex
GetSystemDefaultLCID
GetCurrentThreadId
GlobalHandle
OpenFileMappingA
GetStringTypeA
GetStringTypeW
SetConsoleCtrlHandler
SetStdHandle
FlushFileBuffers
lstrcmpiA
FindClose
lstrlenW
lstrcpyW
LCMapStringW
LoadLibraryA
WriteFile
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
DeleteFileA
GetTempPathA
GetTempFileNameA
CreateFileA
FreeLibrary
GetProcAddress
GetFileSize
ReadFile
GetCPInfo
Sleep
InterlockedExchange
IsDBCSLeadByteEx
GetACP
WideCharToMultiByte
GlobalReAlloc
GlobalLock
GlobalUnlock
GlobalFree
GlobalAlloc
CloseHandle
GetLastError
CreateThread
MultiByteToWideChar
GetOEMCP

user32

GetClipboardData
CloseClipboard
CharPrevA
SetForegroundWindow
UnregisterClassA
SetWindowTextA
SetWindowTextW
RegisterClassExA
LoadStringA
PostThreadMessageA
GetWindowTextA
GetWindowTextW
GetClassNameA
GetClassInfoExA
IsClipboardFormatAvailable
DrawTextA
DrawTextW
DialogBoxParamA
DefWindowProcA
CreateWindowExA
CreateDialogParamA
DialogBoxIndirectParamA
CreateDialogIndirectParamA
CallWindowProcA
LoadIconA
MessageBeep
BeginPaint
EndPaint
FillRect
IsDialogMessageA
OpenClipboard
wsprintfA
CharNextA
FindWindowA
PeekMessageA
WaitMessage
CheckDlgButton
LoadImageA
ShowWindow
SetFocus
UpdateWindow
SetRect
SetWindowPos
GetDC
ReleaseDC
LoadBitmapA
OemToCharA
CharToOemA
PostQuitMessage
DestroyWindow
GetMessageA
TranslateMessage
DispatchMessageA
GetClientRect
ClientToScreen
LoadCursorA
EndDialog
GetWindowLongA
GetParent
IsWindowUnicode
SetWindowLongA
GetWindowRect
MoveWindow
GetDlgItem
IsWindow
ScreenToClient
SendDlgItemMessageW
SendDlgItemMessageA
EnableWindow
PostMessageW
FindWindowExA
SendMessageW
SendMessageA
IsDlgButtonChecked
PostMessageA
GetDlgCtrlID

gdi32

GetTextColor
GetBkMode
DeleteObject
SetBkMode
TranslateCharsetInfo
SetTextColor
GetObjectA
CreateFontIndirectA
GetStockObject
SelectObject
GetDeviceCaps

comdlg32

GetOpenFileNameA
GetOpenFileNameW
CommDlgExtendedError

advapi32

RegDeleteKeyA
RegDeleteValueA
ConvertStringSecurityDescriptorToSecurityDescriptorA
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
OpenProcessToken
GetTokenInformation
GetSecurityDescriptorDacl
AllocateAndInitializeSid
IsValidSid
FreeSid
RegUnLoadKeyA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegEnumKeyExA
RegQueryValueExA
RegSetValueExA
RegEnumValueA

shell32

DragQueryFileW
DragFinish
DragAcceptFiles
DragQueryFileA

ole32

CoUninitialize
CoTaskMemFree
CoCreateInstance
CoInitialize

comctl32

ord17

Exports

Exports

FSqueezeInit
FSqueezeTerm
FSqueezeUty

Sections

.text
Size: 156KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 500KB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

de31040f5e7db7f8d2e204ea034032df

Headers

File Characteristics

Imports

imjp81k

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

comctl32

Exports

Exports

Sections

.text Size: 156KB - Virtual size: 153KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 16KB - Virtual size: 27KB

.rsrc Size: 28KB - Virtual size: 27KB

.vmp0 Size: 500KB - Virtual size: 1.6MB

.text
Size: 156KB - Virtual size: 153KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 16KB - Virtual size: 27KB

.rsrc
Size: 28KB - Virtual size: 27KB

.vmp0
Size: 500KB - Virtual size: 1.6MB