d9e0abe187d9962a4f6367149e9dd98769823cfdbef7de1a77f831497e42207b

General

Target

d9e0abe187d9962a4f6367149e9dd98769823cfdbef7de1a77f831497e42207b
Size

10KB
MD5

3ca6ac812bbef7dfda3f824460b46afc
SHA1

f2b49e1b68c7fd1455a540f614ae0d54204df7cb
SHA256

d9e0abe187d9962a4f6367149e9dd98769823cfdbef7de1a77f831497e42207b
SHA512

da391982ca9bf046bfa8837125d9536054899ab36a973ff65b0703409fb70e80a9da73482dfe0bf214deb99d28bbae6ff2d879b2f09400b47cd0842bac0fdbed
SSDEEP

96:6J71hko47ki2foItB0OJJu68HC37tcIh8WfxwU/cUU5tn0vA7DtdmtFEpZWJoxVp:6J7HY7kBQQhJMM7Jacu6A7Dtqq/WJox

Score

N/A

Malware Config

Signatures

Files

d9e0abe187d9962a4f6367149e9dd98769823cfdbef7de1a77f831497e42207b
.exe windows x86

06ce37569f2d4aa59fe35d5e3391a45d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

ZwEnumerateKey
ZwDeleteKey
ZwQueryDirectoryFile
ZwQueryValueKey
wcscat
wcsstr
RtlCreateUserThread
ZwSetInformationKey
ZwOpenTimer
ZwSetTimer
ZwUnloadDriver
RtlFreeUnicodeString
ZwDuplicateObject
ZwOpenFile
RtlDosPathNameToNtPathName_U
RtlAdjustPrivilege
ZwImpersonateThread
ZwOpenThread
ZwOpenProcess
ZwQuerySystemInformation
LdrFindEntryForAddress
RtlInitUnicodeString
wcschr
ZwResumeThread
ZwSetContextThread
ZwWriteVirtualMemory
ZwSetInformationFile
ZwWaitForSingleObject
ZwGetContextThread
ZwDeleteFile
RtlExitUserThread
ZwClose
ZwQueryKey
_allshr
ZwOpenKey
LdrGetProcedureAddress
wcscpy
_aullrem

kernel32

ExpandEnvironmentStringsW
FreeLibrary
ExitProcess
GetSystemTimeAsFileTime
GetModuleHandleW
LoadLibraryW
GetCurrentThreadId
GetCommandLineW
FormatMessageW
SetThreadLocale

user32

SetWindowsHookExW
LoadStringW
MessageBoxW
CallNextHookEx
SetForegroundWindow
ShowWindow
UnhookWindowsHookEx

comctl32

ord17

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

SysAllocString
SysFreeString

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 178B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

06ce37569f2d4aa59fe35d5e3391a45d

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

kernel32

user32

comctl32

ole32

oleaut32

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 178B

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 178B

.rsrc
Size: 2KB - Virtual size: 2KB