9dce06e0f7439fa9bdc420fea2f6f253fe1644d877734ec00b2e0ed54ad23a94

Sharing

Copy URL Twitter E-mail

General

Target

9dce06e0f7439fa9bdc420fea2f6f253fe1644d877734ec00b2e0ed54ad23a94
Size

53KB
MD5

1dbb1967682f2c41e9b2d86f1379f794
SHA1

1098cdcb707a3dc43bf7472b5e092a6cec90bd83
SHA256

9dce06e0f7439fa9bdc420fea2f6f253fe1644d877734ec00b2e0ed54ad23a94
SHA512

4e9447b5f7a5d3f3db01a2c3af450003fd47a8516ccab22ecb0facca68de175da13131297a7c302578f3e8abc37327470170ad62793324ce737b139368f3272b
SSDEEP

1536:lhNntWTAqA7AcFkY8gPdPcbWRHUd8rRo:lTntWJcFkY8wUbWuWrR

Score

N/A

Malware Config

Signatures

Files

9dce06e0f7439fa9bdc420fea2f6f253fe1644d877734ec00b2e0ed54ad23a94
.dll windows x86

de20f3e2025f1d979c948d16bb514bf9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateRectRgnIndirect
DeleteMetaFile
CreatePen
SelectObject
GdiFlush
StretchBlt
GetEnhMetaFileHeader
DeleteEnhMetaFile

jgshicda

ImmGetProperty
PathIsExe
ImmIsIME
ImmLockImeDpi
SdbGrabMatchingInfo
SdbRegisterDatabaseEx
ILFindLastID
SdbReadDWORDTag
SdbReadQWORDTag
PathYetAnotherMakeUniqueName
ImmGetCompositionStringA
ImmGetRegisterWordStyleA
RealShellExecuteA
CtfImmLeaveCoInitCountSkipMode
ImmGetGuideLineA
ImmWINNLSGetIMEHotkey
RealShellExecuteExA
ILAppendID
ReadCabinetState
CtfImmIsTextFrameServiceDisabled

ole32

CreateBindCtx
CoRegisterMessageFilter
GetHGlobalFromILockBytes
OleLoadFromStream
OleTranslateAccelerator

kernel32

InterlockedIncrement
GetCurrentProcessId
FileTimeToSystemTime
SystemTimeToFileTime
CreateFileMappingA
VirtualQueryEx
WaitForMultipleObjects
GetFileSize
GetSystemDefaultLangID
GetLogicalDrives
MapViewOfFile
LoadLibraryA
UnmapViewOfFile
IsValidLocale
GetModuleHandleA
IsProcessorFeaturePresent
GlobalUnlock
OutputDebugStringA

advapi32

CryptGetHashParam
GetAce
CryptHashData

user32

ValidateRgn
KillTimer
SetWindowPlacement
IsWindowEnabled
ExcludeUpdateRgn
DrawIconEx
OpenIcon
IntersectRect
GetScrollRange
MonitorFromRect
GetDoubleClickTime
IsZoomed

msvcrt

__setusermatherr

Exports

Exports

CreateProcessNotify
clicdagt

Sections

.text
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de20f3e2025f1d979c948d16bb514bf9

Headers

File Characteristics

Imports

gdi32

jgshicda

ole32

kernel32

advapi32

user32

msvcrt

Exports

Exports

Sections

.text Size: 37KB - Virtual size: 40KB

.rdata Size: 2KB - Virtual size: 4KB

.data Size: 10KB - Virtual size: 12KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 37KB - Virtual size: 40KB

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 10KB - Virtual size: 12KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB