9547f80340445d06d0b9470cc2bb848f5258c5a2a139fe31c5d8064b667c3173

Sharing

Copy URL

Twitter E-mail

General

Target

9547f80340445d06d0b9470cc2bb848f5258c5a2a139fe31c5d8064b667c3173
Size

327KB
MD5

979e742b429828837d348df3223c76a5
SHA1

3ce42a5d4a56ecfdaf0a91ceb9b97c8a1bb58ca1
SHA256

9547f80340445d06d0b9470cc2bb848f5258c5a2a139fe31c5d8064b667c3173
SHA512

6cc247a5c5de91ffda4e1c6ee473bcaa4cedae7cdbb0b64f8558bb93951c9465a599466fe56fb748d6dd83ac904f32b1d1f776f8ae5ec379cf9177830b300617
SSDEEP

6144:yHV8dPqueCxF00p+XI/4T8W0wFDUEefQEjHI5lpIzuZGevbXas:oSZxfDsF1FGljobOz6Fra

Score

N/A

Malware Config

Signatures

Files

9547f80340445d06d0b9470cc2bb848f5258c5a2a139fe31c5d8064b667c3173
.exe windows x86

d2a1fef48db948b5f07fa1c8a9915c14

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3
memmove
strcmp
strchr
__RTDynamicCast
_wcsicmp
__CxxFrameHandler
_purecall
_vsnprintf
strstr
memcpy
memset
wcslen
wcscpy
wcsrchr
free
malloc
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
__dllonexit
??2@YAPAXI@Z
_onexit
??3@YAXPAX@Z

advapi32

CloseServiceHandle
GetUserNameW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
StartServiceA
QueryServiceStatus
OpenServiceA
RegQueryInfoKeyA
OpenSCManagerA
RegCreateKeyExA
RegSetValueExA

kernel32

GetCurrentProcess
HeapDestroy
GetProcessHeap
HeapCreate
FlushInstructionCache
ReleaseMutex
LockResource
GetCurrentDirectoryA
LCMapStringW
LoadResource
GetWindowsDirectoryW
FindResourceA
QueryPerformanceCounter
FindFirstFileA
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapFree
HeapAlloc
VirtualFree
VirtualAlloc
DeleteTimerQueue
OutputDebugStringA
ReadFile
lstrcatA
OpenEventW
SetFileAttributesA
lstrlenA
GetCommandLineA
FindNextFileA
GlobalAlloc
GetCurrentThreadId
GetLocalTime
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
IsBadWritePtr
IsBadReadPtr
InterlockedDecrement
GetUserDefaultLangID
LocalFree
lstrcpyW
lstrlenW
IsBadStringPtrW
UnregisterWaitEx
IsDebuggerPresent
SetEvent
CloseHandle
UnregisterWait
GetConsoleOutputCP
RegisterWaitForSingleObject
CreateEventA
lstrcmpiW
Sleep
WaitForSingleObject
SetLastError
SetFilePointer
IsBadCodePtr
OpenSemaphoreW
GetUserDefaultUILanguage
FreeEnvironmentStringsA
OpenMutexW
GetTempPathA
DeleteFileA
GetProcAddress
AreFileApisANSI
GetModuleHandleA
FindAtomA
SetCurrentDirectoryA
CreateSemaphoreA
GetLastError
GetSystemDefaultUILanguage
GetThreadLocale
GetSystemDefaultLCID
OpenMutexA
CreateSemaphoreW
ReleaseSemaphore
LocalAlloc
OpenSemaphoreA
FormatMessageA
FreeLibrary
InterlockedCompareExchange
LoadLibraryA
GetUserDefaultLCID
IsBadStringPtrA
GetModuleHandleW
MultiByteToWideChar
FindResourceExW
GetACP
GetComputerNameExW
OpenEventA
FindResourceW
WideCharToMultiByte
TlsSetValue
TlsGetValue
GetModuleFileNameW
GetModuleFileNameA
GetCommandLineW
GetVersion
GetComputerNameW
CreateFileA
GetCurrentProcessId
ExitThread
FreeLibraryAndExitThread
LoadLibraryW
CreateThread
WaitForMultipleObjectsEx
TlsFree
CreateMutexA
WaitForSingleObjectEx
TlsAlloc
InitializeCriticalSectionAndSpinCount
GetSystemDefaultLangID
ResetEvent
GetStartupInfoA
CreateTimerQueue
ChangeTimerQueueTimer
TryEnterCriticalSection
CreateTimerQueueTimer
DeleteTimerQueueTimer
GetTickCount
lstrcatW

ole32

IIDFromString
CoInitializeEx
CoWaitForMultipleHandles
CoUninitialize
CLSIDFromString
StringFromIID
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoCreateFreeThreadedMarshaler

rpcrt4

RpcStringFreeA
RpcBindingFree
RpcStringBindingComposeA
NdrClientCall2
RpcBindingFromStringBindingA

user32

wsprintfW
LoadStringW
GetClipboardOwner
CreateWindowExA
LoadBitmapA
SendMessageA
CountClipboardFormats
UpdateWindow
PostQuitMessage
TranslateMessage
EndDialog
ReleaseDC
GetFocus
DestroyWindow
GetDC
SetWindowLongA
IsWindow
SetDlgItemTextA
DispatchMessageA
GetDoubleClickTime
GetCursor
IsDlgButtonChecked
FindWindowA
LoadStringA
FindWindowExA
DialogBoxParamA
GetActiveWindow
EnumWindows
GetInputState
GetClipboardViewer
GetSystemMetrics
GetProcessDefaultLayout
DefWindowProcA
wsprintfA

wininet

InternetSetCookieA
InternetGetCookieA

winmm

mixerClose
waveOutOpen
waveOutReset
waveOutPrepareHeader
waveOutWrite
waveOutMessage
midiInMessage
midiOutMessage
waveInMessage
mixerGetLineControlsA
mixerOpen
mixerSetControlDetails
mixerGetControlDetailsA
waveOutClose

rtutils

TraceDeregisterA
TraceRegisterExA
TraceVprintfExA

Sections

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 217KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 14KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2a1fef48db948b5f07fa1c8a9915c14

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

ole32

rpcrt4

user32

wininet

winmm

rtutils

Sections

.text Size: 73KB - Virtual size: 73KB

.data Size: 217KB - Virtual size: 287KB

.bss Size: - Virtual size: 14KB

.tls Size: 1KB - Virtual size: 1KB

.rsrc Size: 30KB - Virtual size: 30KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 73KB - Virtual size: 73KB

.data
Size: 217KB - Virtual size: 287KB

.bss
Size: - Virtual size: 14KB

.tls
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 30KB - Virtual size: 30KB

.reloc
Size: 3KB - Virtual size: 3KB