a9d6a69f63d0d7f8752ecc1468fcf9b5c5eebbbd59c10c36b5e126196f251547

Sharing

Copy URL Twitter E-mail

General

Target

a9d6a69f63d0d7f8752ecc1468fcf9b5c5eebbbd59c10c36b5e126196f251547
Size

71KB
MD5

2cd902e005fa47ade6d1079c77959a2b
SHA1

00963b0ed3fcd3eeb05761c6e6ff9cf7993cb23a
SHA256

a9d6a69f63d0d7f8752ecc1468fcf9b5c5eebbbd59c10c36b5e126196f251547
SHA512

8fbafa9005e3f9d76884e696a3e98ab69287042a41f671ae311c0a341a0c483d3b0dfe7451cbc3d08978560348d4254562a2dd33b0ba710da3ba6d645aa27cac
SSDEEP

1536:rpuZuaN0x9e4JiodtZg6sVvrSjrxwmIR/Pofq:1mYx9e4EGtK6sVUlwTFPr

Score

N/A

Malware Config

Signatures

Files

a9d6a69f63d0d7f8752ecc1468fcf9b5c5eebbbd59c10c36b5e126196f251547
.exe windows x86

0945bed0d150127aff2866ad2036713d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
GetModuleFileNameA
FormatMessageW
MultiByteToWideChar
FormatMessageW
GetCurrentProcessId
GetTickCount
LocalFree
GetProcessHeap
GetACP
LocalAlloc
GetCurrentProcess
GetCurrentThreadId
GetModuleHandleA
SetUnhandledExceptionFilter
GetCommandLineW
GetACP
LocalAlloc
GetProcessHeap
VirtualFree
QueryPerformanceCounter
GetACP
GetModuleHandleA
GetCurrentProcessId
GetCommandLineA
VirtualFree
LocalFree
SetUnhandledExceptionFilter
FormatMessageW
QueryPerformanceCounter
FormatMessageW
GetModuleHandleA
GetCommandLineA
GetCurrentProcess
SetUnhandledExceptionFilter
GetModuleHandleW
GetCurrentThreadId
LocalAlloc
LocalFree
LocalFree
SetEvent
GetModuleHandleA
SetUnhandledExceptionFilter
VirtualFree
FormatMessageW
FormatMessageW
GetProcessHeap
GetACP
GetCurrentThreadId
GetCurrentThreadId
LocalAlloc
SleepEx
VirtualFree
GetCommandLineW
GetModuleHandleA
SetUnhandledExceptionFilter
GetModuleHandleW
GetTickCount
GetCurrentProcessId
GetModuleHandleW
GetCurrentProcessId
GetACP
GetTickCount
GetCurrentProcess
GetCurrentThreadId
GetCommandLineW
GetModuleHandleA
GetTickCount
LocalAlloc
GetCurrentThreadId
LocalFree
SetEvent
SetEvent
QueryPerformanceCounter
GetCurrentThreadId
WaitForSingleObject
VirtualFree
GetModuleFileNameA
GetCommandLineW
GetCommandLineA
GetProcessHeap
GetCurrentThreadId
LocalAlloc
MultiByteToWideChar
LocalAlloc
FormatMessageW
GetCurrentProcess
GetModuleFileNameA
MultiByteToWideChar
SetUnhandledExceptionFilter
FormatMessageW
WaitForSingleObject

advapi32

CloseServiceHandle
OpenThreadToken
RegSetValueExA
RegQueryInfoKeyW
RegCloseKey
SetSecurityDescriptorDacl
RegEnumKeyExW
CloseServiceHandle
RegDeleteValueW
AddAccessAllowedAce
AllocateAndInitializeSid
RegQueryInfoKeyW
GetTokenInformation
AllocateAndInitializeSid
AdjustTokenPrivileges
RegOpenKeyW
RegEnumValueW
AddAccessAllowedAce
InitializeSecurityDescriptor
AddAccessAllowedAce
OpenThreadToken
RegOpenKeyExW
CloseServiceHandle
AddAccessAllowedAce
RegDeleteKeyW
SetSecurityDescriptorDacl
OpenThreadToken
RegDeleteValueW
RegCreateKeyExA
AdjustTokenPrivileges
RegCreateKeyExA
RegEnumValueW
FreeSid
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegDeleteValueW
RegOpenKeyW
CloseServiceHandle
InitializeSecurityDescriptor
GetTokenInformation
RegDeleteValueW
InitializeAcl
CloseServiceHandle
RegSetValueExA
RegSetValueExA
RegEnumKeyExW
RegOpenKeyExW
RegOpenKeyW
AdjustTokenPrivileges
RegQueryValueExW
AddAccessAllowedAce
RegOpenKeyExW
OpenThreadToken

user32

GetDlgItem
GetSystemMetrics
CreateWindowExW
GetDC
PostMessageW
GetWindowRect
SetTimer
LoadIconW
LoadIconW
GetMessageW
GetWindowRect
SetTimer
GetSystemMetrics
SetTimer
SetTimer
GetDlgItem
GetWindowRect
GetSystemMetrics
DestroyWindow
DestroyWindow
DefWindowProcW
CreateWindowExW
DefWindowProcW
GetSystemMetrics
GetWindowRect
ShowWindow
GetWindowRect
GetDlgItem
SetTimer
SendMessageW
GetDC
DefWindowProcW
SetTimer
SetTimer
LoadIconW
GetSystemMetrics
SendMessageW
LoadIconW
ReleaseDC
EndPaint
GetDC
DestroyWindow
ReleaseDC
GetDlgItem
LoadIconW
DestroyWindow
SendMessageW
SetTimer
SetTimer
DestroyWindow
ShowWindow
GetDC
GetDC
GetDlgItem
GetSystemMetrics
LoadIconW
ShowWindow
GetWindowRect
GetMessageW
GetDC
GetMessageW
GetMessageW
GetDC
SendMessageW
GetDlgItem
CreateWindowExW
ShowWindow
DestroyWindow
CreateWindowExW
CreateWindowExW
GetMessageW
GetMessageW
GetMessageW
GetWindowRect
GetWindowRect
SendMessageW
LoadIconW
GetMessageW
GetWindowRect
ShowWindow
SetTimer
CreateWindowExW
GetDlgItem
GetMessageW
LoadIconW
SendMessageW
DestroyWindow
GetWindowRect
GetSystemMetrics
DefWindowProcW
DefWindowProcW
DestroyWindow
LoadIconW
LoadIconW
DestroyWindow
DefWindowProcW
ReleaseDC
GetDlgItem
DestroyWindow
ShowWindow
SetTimer
CreateWindowExW
SetTimer
DestroyWindow
GetWindowRect
GetMessageW
LoadIconW
SendMessageW
PostMessageW
SetTimer
SendMessageW
GetDlgItem
GetDC
GetWindowRect
DestroyWindow

ntdll

RtlAllocateHeap

gdi32

SetBkMode
CreateCompatibleBitmap
SetTextColor
SetBkMode
GetDeviceCaps
GetDeviceCaps
DeleteDC
DeleteDC
DeleteObject
DeleteDC
DeleteDC
GetStockObject
LineTo
CreateCompatibleBitmap
SelectObject
MoveToEx
GetObjectW
SetBkMode
GetObjectW
SetBkMode
DeleteDC
PatBlt
DeleteDC
MoveToEx
MoveToEx
SetTextColor
GetDeviceCaps
DeleteObject
BitBlt
DeleteObject
MoveToEx
BitBlt
GetDeviceCaps
BitBlt
SelectObject
BitBlt
CreateCompatibleDC
BitBlt
SelectObject
GetObjectW
SelectObject
CreateCompatibleBitmap
BitBlt
LineTo
GetTextMetricsW
CreateCompatibleDC
SetBkMode
LineTo
SetTextColor
DeleteDC
PatBlt
SetBkColor
GetDeviceCaps
BitBlt
SetTextColor
CreateCompatibleDC
SetBkColor
GetObjectW
PatBlt
MoveToEx
MoveToEx
DeleteObject
GetTextMetricsW
SetBkMode
SetBkColor
DeleteDC
MoveToEx
CreateCompatibleDC
BitBlt
GetDeviceCaps
PatBlt
SetBkColor
GetObjectW
GetDeviceCaps
SelectObject
GetStockObject
LineTo
DeleteDC
SelectObject
CreateCompatibleDC
PatBlt
DeleteObject
DeleteObject
CreateCompatibleDC
SetBkMode
GetTextMetricsW
MoveToEx
DeleteObject
SetBkMode

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 904KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 351KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0945bed0d150127aff2866ad2036713d

Headers

File Characteristics

Imports

kernel32

advapi32

user32

ntdll

gdi32

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 9KB - Virtual size: 904KB

.data Size: 351KB - Virtual size: 352KB

.pdata Size: 512B - Virtual size: 4KB

.pdata Size: 512B - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 9KB - Virtual size: 904KB

.data
Size: 351KB - Virtual size: 352KB

.pdata
Size: 512B - Virtual size: 4KB

.pdata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB