9da442428e5e66cc21570c5f35a9f16d9be943c98d5ff498bb5ca284ab792d45

Sharing

Copy URL

Twitter E-mail

General

Target

9da442428e5e66cc21570c5f35a9f16d9be943c98d5ff498bb5ca284ab792d45
Size

62KB
MD5

c6e289ae9f627902289f355f769e7fbf
SHA1

3c2b0a78872640c77e5b6dc21b3f11a5da8025ef
SHA256

9da442428e5e66cc21570c5f35a9f16d9be943c98d5ff498bb5ca284ab792d45
SHA512

6bc02457378e91166efd98df1696451f346433e8b4443e6381926e9818b426132f223b507a38da3944efffc30c5686ac40ee150c7f3441114b37d20047b13823
SSDEEP

768:RRrgKUOEPBxCdMO0iOfDXSw7RUy4hjoWtig6CS642w/HBKGaz7toURrh2BAttlPw:3vufS2isttyM44zHk+AtrEDtfN

Score

N/A

Malware Config

Signatures

Files

9da442428e5e66cc21570c5f35a9f16d9be943c98d5ff498bb5ca284ab792d45
.exe windows x86

34b44fe53da24e14b1f09a9dfef8fa83

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
CreateFileMappingA
GlobalFindAtomW
lstrcmpiW
CreateMutexA
GetModuleHandleW
InitializeCriticalSection
MoveFileA
GetPriorityClass
RemoveDirectoryA
GetWindowsDirectoryW
GetUserDefaultLCID
DeleteAtom
CreateFiber
GetStringTypeA
WaitForMultipleObjects
GetSystemDirectoryW
GetNamedPipeInfo
CreateThread
IsDebuggerPresent
GetCalendarInfoW
VirtualAlloc
GetCommandLineW
SearchPathW
GetEnvironmentVariableW
GlobalGetAtomNameW

user32

InsertMenuItemA
DefWindowProcA
EndMenu
DefDlgProcW
GetDlgItem
LoadBitmapW
GetWindowTextLengthW
GetWindowTextA
LoadCursorA
SetCapture
IsDlgButtonChecked

gdi32

PolyPolyline
CreateDCW
BitBlt
GetNearestPaletteIndex
SetViewportExtEx
GetPath
GetCurrentPositionEx
CreateSolidBrush
ResetDCW
GetOutlineTextMetricsW
GetBkMode
SetPixelV
GetLayout
GetDIBColorTable
CreateColorSpaceW
SetICMMode
ScaleWindowExtEx

advapi32

RegQueryInfoKeyW
RegOpenKeyExW
RegEnumValueA
RegOpenKeyExW

shlwapi

SHSetThreadRef
PathIsPrefixA
UrlIsA

opengl32

wglDeleteContext

wininet

InternetCanonicalizeUrlA
InternetCanonicalizeUrlW
RetrieveUrlCacheEntryFileA
FtpFindFirstFileW
UrlZonesDetach
InternetFortezzaCommand
InternetSetOptionExA
SetUrlCacheEntryGroup
FindNextUrlCacheEntryW
HttpOpenRequestA
InternetOpenA
DetectAutoProxyUrl
InternetShowSecurityInfoByURLW
FtpRemoveDirectoryW
InternetCreateUrlW

urlmon

IsLoggingEnabledW

winspool.drv

EnumPrinterDataExW
StartDocPrinterW
QueryRemoteFonts
EnumPrinterDataW
AdvancedDocumentPropertiesW

inetcomm

CreateRASTransport
MimeOleGetContentTypeExt
EssSecurityLabelDecodeEx
MimeOleGenerateFileName
HrAttachDataFromFile
MimeOleGetBodyPropA
DllGetClassObject
MimeOleCreateHeaderTable

sqlunirl

newMultiByteFromWideCharSize
_SetDefaultCommConfig_@12
_ShellExecuteEx_@4
_EnumFonts_@16
_ExtractAssociatedIcon_@12
_CreateFont@56
_PropertySheet_@4
_strerror_@4
_DefDlgProc_@16

crypt32

RegOpenHKCUKeyExU
CertFreeCertificateChainEngine
CertFindCRLInStore
CryptBinaryToStringW
CryptCloseAsyncHandle
CertFindCTLInStore
CryptHashMessage
CryptEncryptMessage
I_CryptEnableLruOfEntries
I_CryptGetDefaultCryptProvForEncrypt

Sections

.4@+
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.5
Size: 2KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.'pwb,
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0,,X@#
Size: 1024B - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.K<f
Size: 4KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Ab>q")
Size: 1024B - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 214KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34b44fe53da24e14b1f09a9dfef8fa83

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

opengl32

wininet

urlmon

winspool.drv

inetcomm

sqlunirl

crypt32

Sections

.4@+ Size: 11KB - Virtual size: 11KB

.5 Size: 2KB - Virtual size: 46KB

.'pwb, Size: 3KB - Virtual size: 3KB

.0,,X@# Size: 1024B - Virtual size: 34KB

.K<f Size: 4KB - Virtual size: 34KB

.Ab>q") Size: 1024B - Virtual size: 29KB

.rsrc Size: 214KB - Virtual size: 213KB

.reloc Size: 1024B - Virtual size: 36KB

.4@+
Size: 11KB - Virtual size: 11KB

.5
Size: 2KB - Virtual size: 46KB

.'pwb,
Size: 3KB - Virtual size: 3KB

.0,,X@#
Size: 1024B - Virtual size: 34KB

.K<f
Size: 4KB - Virtual size: 34KB

.Ab>q")
Size: 1024B - Virtual size: 29KB

.rsrc
Size: 214KB - Virtual size: 213KB

.reloc
Size: 1024B - Virtual size: 36KB