9cf595796d8655d480c1d9de4472994cad5a3cbba91672beb715a66f263c531f

Sharing

Copy URL Twitter E-mail

General

Target

9cf595796d8655d480c1d9de4472994cad5a3cbba91672beb715a66f263c531f
Size

303KB
MD5

8f581b90c15f490ae93e9b5e43e029e5
SHA1

a4bb65522285f0ad8effd77fbebf522e98eeecd0
SHA256

9cf595796d8655d480c1d9de4472994cad5a3cbba91672beb715a66f263c531f
SHA512

5a89dd6485c8e470ed5ce9427fe1b0b201cd0df1c260e93529b9ec1c5987117058b8bb68bec59718d100e3df8248c499fd65632f332bd9369b463891d12fbf6e
SSDEEP

6144:aYIUYpq9OkCfUGvfdw+KOxxtUPztgMxl06ilufHvGAWmG+S:aYHYpKOV9vf67OxxtGR3l065zAt

Score

N/A

Malware Config

Signatures

Files

9cf595796d8655d480c1d9de4472994cad5a3cbba91672beb715a66f263c531f
.exe windows x86

b5520e3ef58c70adf94fade74ca659f5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
InitializeCriticalSection
FreeEnvironmentStringsW
HeapFree
LoadLibraryA
lstrcatA
CreateFileA
InterlockedDecrement
GetVersionExA
GlobalUnlock
LCMapStringW
GlobalFindAtomA
CopyFileA
GlobalHandle
EnterCriticalSection
GetDateFormatA
DeleteCriticalSection
CloseHandle
LocalAlloc
TlsAlloc
GetEnvironmentStringsW
GetVersion
GetProfileStringA
HeapAlloc
ResumeThread
SetLastError
CreateDirectoryA
GetFileType
IsBadWritePtr
SetHandleCount
LoadResource
GlobalLock
GetModuleHandleA
FindNextFileA
GetModuleFileNameA
CreatePipe
GetTimeZoneInformation
lstrcmpA
SetEndOfFile
lstrcpyA
FindResourceA
GetWindowsDirectoryA
HeapSize
FormatMessageA
GetPrivateProfileStringA
FreeLibrary
IsBadCodePtr
SetStdHandle
GetCurrentProcess
MoveFileExA
GetExitCodeProcess
TlsFree
CreateProcessA
SizeofResource
CreateEventA
GetOEMCP
SuspendThread
TlsSetValue
GetEnvironmentVariableA
SetThreadPriority
GlobalGetAtomNameA
HeapDestroy
VirtualProtectEx
FindClose
GetStartupInfoA
SetFileAttributesA
GetCommandLineA
GetEnvironmentStrings
GetProcAddress
SetEvent
GetStringTypeW
GetLastError
GetCurrentThread
GlobalFlags
lstrcmpiA
SetUnhandledExceptionFilter
CompareStringA
RaiseException
GlobalFree
RtlUnwind
GlobalAddAtomA
UnhandledExceptionFilter
InterlockedIncrement
GetSystemDefaultLangID
SetErrorMode
ExitProcess
lstrlenA
GetCurrentThreadId
CompareStringW
HeapCreate
MulDiv
GetStdHandle
GetFullPathNameA
LeaveCriticalSection
LocalReAlloc
ExitThread
GlobalAlloc
GetTempFileNameA
LocalFree
WritePrivateProfileStringA
GlobalDeleteAtom
Sleep
VirtualProtect
FreeEnvironmentStringsA
GetLocalTime
FlushFileBuffers
TerminateProcess
IsBadReadPtr
VirtualFree
WaitForSingleObject
MultiByteToWideChar
GetStringTypeA
GetFileSize
VirtualAlloc
GetDriveTypeA
GetSystemTime
SetFilePointer
LockResource
CreateThread
FindFirstFileA
lstrcpynA
HeapReAlloc
WriteFile
SetEnvironmentVariableA
GetACP
DeleteFileA
ReadFile
PeekNamedPipe
WideCharToMultiByte
GlobalReAlloc
TlsGetValue
GetProcessVersion
RemoveDirectoryA

user32

EnableWindow
ScreenToClient
GetMenuState
SetMenuItemBitmaps
LoadBitmapA
IsWindowEnabled
SetWindowPos
RegisterClassA
InflateRect
CharNextA
wsprintfA
GetPropA
LoadAcceleratorsA
GetSysColorBrush
SetFocus
PeekMessageA
SetWindowLongA
RemovePropA
TabbedTextOutA
DrawTextA
AttachThreadInput
CallNextHookEx
PostQuitMessage
GetParent
DefDlgProcA
GetKeyState
SendMessageA
GetWindowTextA
UnhookWindowsHookEx
SetCursor
GetMenuCheckMarkDimensions
ShowWindow
DefWindowProcA
GetActiveWindow
GrayStringA
GetMenuStringA
PostMessageA
GetWindowRect
SetActiveWindow
GetSubMenu
DestroyMenu
TranslateMessage
SetPropA
GetDlgItem
TranslateAcceleratorA
GetSysColor
ReleaseDC
WinHelpA
IsWindow
OffsetRect
DispatchMessageA
ModifyMenuA
PtInRect
GetWindowLongA
EndPaint
HideCaret
GetWindowDC
BeginPaint
GetWindow
GetFocus
GetClientRect
SetWindowsHookExA
CreateWindowExA
UnregisterClassA
GetDesktopWindow
IsIconic
GetLastActivePopup
GetSystemMetrics
GetCapture
LoadIconA
GetMessageA
SystemParametersInfoA
DrawFocusRect
MoveWindow
ClientToScreen
CallWindowProcA
SetForegroundWindow
GetWindowPlacement
IsWindowUnicode
GetNextDlgTabItem
CreateDialogIndirectParamA
GetMenu
GetForegroundWindow
ShowCaret
GetClassNameA
LoadCursorA
InvalidateRect
SendDlgItemMessageA
SetDlgItemTextA
EndDialog
IntersectRect
AdjustWindowRectEx
EnableMenuItem
MapWindowPoints
GetDlgCtrlID
RegisterWindowMessageA
DestroyWindow
GetTopWindow
GetClassInfoA
LoadImageA
CopyRect
GetMenuItemCount
GetMessageTime
KillTimer
GetCursorPos
SetWindowTextA
GetWindowTextLengthA
MessageBoxA
LoadStringA
IsDialogMessageA
UpdateWindow
CheckMenuItem
GetMenuItemID
GetClassLongA
ExcludeUpdateRgn
GetDC
GetMessagePos
SetTimer
ValidateRect
IsWindowVisible

gdi32

SetWindowExtEx
CreateBitmap
BitBlt
SelectObject
SaveDC
TextOutA
ScaleWindowExtEx
GetDIBColorTable
RealizePalette
CreateHalftonePalette
IntersectClipRect
RectVisible
SetBkMode
BeginPath
GetTextExtentPointA
SetBkColor
GetTextExtentPoint32A
ExtTextOutA
PtVisible
SetTextColor
GetStockObject
SetMapMode
OffsetViewportOrgEx
ScaleViewportExtEx
DeleteDC
GetObjectA
CreateDIBitmap
RestoreDC
Escape
SetViewportOrgEx
CreateCompatibleDC
GetDeviceCaps
SelectPalette
CreateSolidBrush
CreatePalette
SetViewportExtEx
DeleteObject
PatBlt
GetClipBox

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegSetValueExA
RegCloseKey
RegDeleteKeyA
AdjustTokenPrivileges
RegEnumKeyExA
RegDeleteValueA
RegCreateKeyExA
RegUnLoadKeyA
LookupPrivilegeValueA
RegEnumValueA
RegQueryValueExA
RegFlushKey
RegQueryInfoKeyA
RegLoadKeyA
RegOpenKeyExA
OpenProcessToken
RegSaveKeyA

shell32

ExtractIconA
SHBrowseForFolderA
ShellExecuteA
SHGetMalloc
SHGetPathFromIDListA

oleaut32

SysAllocString

comctl32

ImageList_Destroy
ord17

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

wininet

InternetHangUp

setupapi

SetupFindNextLine
SetupFindFirstLineA
SetupGetStringFieldA
SetupCloseInfFile
SetupGetBinaryField
SetupGetIntField
SetupGetFieldCount
SetupDecompressOrCopyFileA
SetupGetLineCountA
SetupFindNextMatchLineA
SetupIterateCabinetA
SetupOpenInfFileA
SetupGetLineTextA

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ky3l
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kuy3l
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idat_0
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5520e3ef58c70adf94fade74ca659f5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

comctl32

version

wininet

setupapi

Sections

.text Size: 11KB - Virtual size: 10KB

.itext Size: 9KB - Virtual size: 8KB

.data Size: 3KB - Virtual size: 145KB

.ky3l Size: 96KB - Virtual size: 95KB

.kuy3l Size: 172KB - Virtual size: 172KB

.rsrc Size: 8KB - Virtual size: 7KB

.idat_0 Size: 3KB - Virtual size: 2KB

.text
Size: 11KB - Virtual size: 10KB

.itext
Size: 9KB - Virtual size: 8KB

.data
Size: 3KB - Virtual size: 145KB

.ky3l
Size: 96KB - Virtual size: 95KB

.kuy3l
Size: 172KB - Virtual size: 172KB

.rsrc
Size: 8KB - Virtual size: 7KB

.idat_0
Size: 3KB - Virtual size: 2KB