9c9b7d450cf9150f81930cff845302af22c9e8e771c63efe55d550428cccaab2

Sharing

Copy URL Twitter E-mail

General

Target

9c9b7d450cf9150f81930cff845302af22c9e8e771c63efe55d550428cccaab2
Size

613KB
MD5

2c041df954f54d76a92cec5a5a1f28f0
SHA1

3a9b098c94315c0cf1a8e40cc9056f9679af3ecf
SHA256

9c9b7d450cf9150f81930cff845302af22c9e8e771c63efe55d550428cccaab2
SHA512

9c4d8fa335f9ada7adc1108569046f60f305f9579045666925bd6f80ddfe784df089b1f4dfd3ce9889df06119700f32d1d117ac3f60ad23c038f1213dec304ef
SSDEEP

12288:uZ0bjhYFar/RTRkgWBiNV3JRK5jGifGNhSsPdc:uZvggKV33KZv0hSom

Score

N/A

Malware Config

Signatures

Files

9c9b7d450cf9150f81930cff845302af22c9e8e771c63efe55d550428cccaab2
.exe windows x86

8b369fc37891009ebf3036977bb397ed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA

kernel32

InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
GetCurrentProcess
InitializeCriticalSection
SetLastError
GetModuleHandleA
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
IsDBCSLeadByte
lstrcpyA
CreateFileW
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetTimeZoneInformation
CreateFileA
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
GetLocaleInfoW
InterlockedExchange
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
FlushFileBuffers
SetFilePointer
ReadFile
GetFileType
SetHandleCount
GetConsoleMode
GetConsoleCP
HeapSize
GetStdHandle
WriteFile
ExitProcess
Sleep
HeapDestroy
HeapCreate
HeapReAlloc
FatalAppExitA
GetCurrentThread
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualQuery
GetSystemInfo
GetModuleHandleW
VirtualProtect
RtlUnwind
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetCurrentThreadId
DeleteCriticalSection
RaiseException
lstrlenA
GlobalUnlock
GlobalLock
WideCharToMultiByte
MulDiv
lstrcmpA
GetProcAddress
GetLastError
LoadLibraryA
FreeLibrary
lstrcpynW
lstrcpynA
lstrlenW
GetModuleFileNameA
CloseHandle
GetVersionExA
CreateThread
MultiByteToWideChar
GlobalAlloc
SetEndOfFile

user32

SetWindowLongA
GetWindowLongA
SetWindowTextA
RegisterWindowMessageA
UnregisterClassA
DefWindowProcA
RegisterClassExA
GetClassInfoExA
DestroyWindow
GetWindowTextA
MonitorFromPoint
GetActiveWindow
SystemParametersInfoA
GetSubMenu
CheckMenuRadioItem
LoadCursorA
GetMonitorInfoA
RemoveMenu
GetMenuItemCount
AppendMenuA
TrackPopupMenuEx
CreatePopupMenu
GetWindowRect
CallWindowProcA
GetDlgItem
InvalidateRgn
InvalidateRect
SetCapture
ReleaseCapture
ScreenToClient
ClientToScreen
MoveWindow
CreateAcceleratorTableA
GetDC
ReleaseDC
GetDesktopWindow
CharNextA
GetParent
GetClassNameA
RedrawWindow
BeginPaint
FillRect
EndPaint
IsChild
GetFocus
GetWindow
GetSysColor
DestroyAcceleratorTable
DestroyMenu
PtInRect
MapWindowPoints
IsWindow
CreateWindowExA
wvsprintfA
LoadImageA
LoadStringW
SetFocus
SendMessageA
LoadStringA
LoadMenuA
LoadAcceleratorsA
TranslateAcceleratorA
GetClientRect
SetWindowPos
PostThreadMessageA
PostQuitMessage
SetMenuDefaultItem
GetMenuItemInfoA
SetMenuItemInfoA
GetMenu
DrawMenuBar
ShowWindow
TranslateMessage
DispatchMessageA
SetForegroundWindow
PeekMessageA
MsgWaitForMultipleObjects
MessageBoxA
GetMessageA
MessageBeep
GetWindowTextLengthA

gdi32

GetStockObject
GetObjectA
GetDeviceCaps
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegOpenKeyExA
RegDeleteValueA
RegQueryValueExA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA

shell32

ShellExecuteA

ole32

CoTaskMemRealloc
CoTaskMemFree
OleLockRunning
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleInitialize
CreateStreamOnHGlobal
OleUninitialize
CoInitialize
CoUninitialize

oleaut32

VarUI4FromStr
OleCreateFontIndirect
VariantClear
VariantInit
DispCallFunc
LoadTypeLi
LoadRegTypeLi
SysAllocString
SysStringLen
SysAllocStringLen
CreateErrorInfo
SetErrorInfo
VariantChangeType
GetErrorInfo
SysFreeString

Sections

.text
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 222KB - Virtual size: 221KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b369fc37891009ebf3036977bb397ed

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

shlwapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 332KB - Virtual size: 332KB

.rdata Size: 47KB - Virtual size: 46KB

.data Size: 11KB - Virtual size: 19KB

.rsrc Size: 222KB - Virtual size: 221KB

.text
Size: 332KB - Virtual size: 332KB

.rdata
Size: 47KB - Virtual size: 46KB

.data
Size: 11KB - Virtual size: 19KB

.rsrc
Size: 222KB - Virtual size: 221KB