a9120e2e9d85026beee1015e19cbcc22299228ff5ada876388fc8b720d3d6334

General

Target

a9120e2e9d85026beee1015e19cbcc22299228ff5ada876388fc8b720d3d6334
Size

384KB
MD5

fb516a8e659768fdfd1b0d81c42d5bf4
SHA1

867f3211bb3ec78b4973de0567b404cc76d91b6b
SHA256

a9120e2e9d85026beee1015e19cbcc22299228ff5ada876388fc8b720d3d6334
SHA512

1ea191a9acb6b70bb59ed458f438a5e7b5b089f5c58e5381942738c941c01d22a7f92ddf0166d3f044d4c6420a0ff2b2ebcc0123f5b8580f26d0afdabb01198e
SSDEEP

6144:0jSIm+ZBnQCXCsVtVOizeFEDsESM8um/b1tg3t94v+A8g1+kZWCKDFFpeBPhJbDE:QT1XRtJCF2ZW1+94mA86+kZW3DLp8PeR

Score

N/A

Malware Config

Signatures

Files

a9120e2e9d85026beee1015e19cbcc22299228ff5ada876388fc8b720d3d6334
.exe windows x86

2f2b52c68924ce3684c6c649a0e80e8d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
FindClose
CompareStringA
GetDateFormatA
SetStdHandle
FileTimeToLocalFileTime
lstrcmpA
SetThreadAffinityMask
GetLocaleInfoA
TerminateProcess
GetStartupInfoA
TlsSetValue
IsBadStringPtrA
PulseEvent
SetEvent
CompareStringW
CreateFileMappingA
GetConsoleCP

gdi32

DeleteDC
SetMapMode
SetTextAlign
EndPage
Rectangle
CreateRectRgn
GetTextMetricsA
DeleteObject
GetStockObject
SetBkColor
CreateDIBSection

ole32

CoRegisterSurrogate
OleSetMenuDescriptor
OleDestroyMenuDescriptor
OleCreateLinkToFile
OleLockRunning
CoFileTimeToDosDateTime
CoRegisterClassObject
OleRegEnumFormatEtc
OleIsRunning
CoRevokeClassObject

advapi32

FreeSid
GetAce
StartServiceA
GetSidSubAuthority
SetSecurityInfo
LookupAccountSidA
AddAce
OpenProcessToken
CreateProcessAsUserA
GetKernelObjectSecurity

msvcrt

strlen
qsort
memcpy
iswctype
memcmp
malloc
ftell
_beginthreadex
memset
__mb_cur_max

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f2b52c68924ce3684c6c649a0e80e8d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

ole32

advapi32

msvcrt

Sections

.text Size: 54KB - Virtual size: 53KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 1008B

.text
Size: 54KB - Virtual size: 53KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 1008B