b9826b5174bd8b00ff3b04580f5e5eaa13eb4e9175afafb0ef0f7d7a0516ffad

Sharing

Copy URL Twitter E-mail

General

Target

b9826b5174bd8b00ff3b04580f5e5eaa13eb4e9175afafb0ef0f7d7a0516ffad
Size

235KB
MD5

4cde6078c332d6a8419c388912195c78
SHA1

9cb31e65bdbd5217b84ef5c535c4e978c5d85261
SHA256

b9826b5174bd8b00ff3b04580f5e5eaa13eb4e9175afafb0ef0f7d7a0516ffad
SHA512

74545bf196db02b5051f30bb4ad21bd5bc63e6603f4ec6facb3cf5e7a26c752b4b996f2748c91ee88c5525c6422a279c968c38befa3e29dd4d366b415a91dd82
SSDEEP

6144:awnIXQxrXayw1Ms/kRLCJ+zAxRd+BMyX3DG06WF672MoViCRBfjY+0ZLz:a6rKyw1Ms/kRLgxR8BMyn3Po72NViCbo

Score

N/A

Malware Config

Signatures

Files

b9826b5174bd8b00ff3b04580f5e5eaa13eb4e9175afafb0ef0f7d7a0516ffad
.exe windows x86

72bc0f8a9258f0befe5fc82cd9a076d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntA
GetCurrentProcess
LocalFree
LocalAlloc
CreateDirectoryA
lstrlenA
lstrcpynA
lstrlenW
SizeofResource
LoadResource
DeleteFileA
WideCharToMultiByte
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
DebugBreak
GetModuleFileNameA
GetModuleHandleA
GetCurrentThread
HeapDestroy
lstrcatA
WritePrivateProfileStringA
GetLastError
OpenSemaphoreA
CreateSemaphoreA
SetErrorMode
GetVolumeInformationA
ReleaseSemaphore
Sleep
GetCurrentDirectoryA
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
SetCurrentDirectoryA
FindFirstFileA
FindClose
CreateEventA
WaitForSingleObject
CreateFileA
CloseHandle
DeviceIoControl
GetTickCount
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
GetCommandLineA
GetCurrentThreadId
lstrcmpiA
InterlockedIncrement
GetVersionExA
LoadLibraryA
GetProcAddress
FreeLibrary
GetDriveTypeA
GetPrivateProfileSectionA
LoadLibraryExA
FindResourceA
lstrcpyA
TlsSetValue
GetLocaleInfoW
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
SetFilePointer
GetLocaleInfoA
SearchPathA
GetPrivateProfileStringA
WriteFile
RtlUnwind
TlsGetValue
SetLastError
TlsAlloc
HeapAlloc
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
LCMapStringW
LCMapStringA
VirtualAlloc
VirtualFree
HeapCreate
ExitProcess
GetVersion
GetStartupInfoA
HeapReAlloc
GetLocalTime
HeapFree

user32

EndDialog
ShowWindow
TranslateMessage
CallWindowProcA
GetClassInfoExA
CreateWindowExA
RegisterClassExA
GetWindowTextLengthA
LoadCursorA
DispatchMessageA
GetWindowTextA
SetWindowLongA
GetParent
GetWindowRect
GetWindowLongA
DefWindowProcA
SystemParametersInfoA
GetClientRect
MapWindowPoints
SetWindowPos
GetDesktopWindow
wsprintfA
PostMessageA
PostThreadMessageA
GetDlgItem
GetMessageA
CreateDialogParamA
DestroyWindow
SendMessageA
FindWindowA
PeekMessageA
LoadStringA
ExitWindowsEx
MessageBoxA
CharNextA
MsgWaitForMultipleObjects
GetWindow
GetTopWindow

advapi32

CopySid
GetLengthSid
RegSetValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegEnumKeyA
RegQueryInfoKeyA
RegDeleteValueA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegDeleteKeyA
SetFileSecurityA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegEnumKeyExA
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
OpenThreadToken
GetTokenInformation
LookupAccountNameA
IsValidSecurityDescriptor
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
SetSecurityDescriptorSacl
GetSecurityDescriptorSacl
IsValidAcl
AddAccessAllowedAce
GetAce
InitializeAcl
GetSecurityDescriptorDacl
GetKernelObjectSecurity
AddAce
GetAclInformation
AddAccessDeniedAce
DeleteAce
EqualSid

shell32

ShellExecuteA

ole32

CoTaskMemAlloc
StringFromCLSID
CoReleaseMarshalData
CoCreateInstance
OleLoadFromStream
CoMarshalInterface
CoTaskMemRealloc
CoTaskMemFree
WriteClassStm
OleSaveToStream
ProgIDFromCLSID
CreateStreamOnHGlobal
CoUnmarshalInterface
CoRegisterClassObject
CoRevokeClassObject
CoInitialize
CoUninitialize

oleaut32

VariantInit
SafeArrayAccessData
VariantChangeType
SafeArrayDestroy
LoadTypeLi
RegisterTypeLi
CreateErrorInfo
SetErrorInfo
LoadRegTypeLi
VariantCopy
SafeArrayUnaccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VarI4FromStr
SafeArrayGetDim
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocStringByteLen
VariantClear
SysAllocString
SysStringByteLen

winmm

mciSendCommandA

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sdata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 23KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tsdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

72bc0f8a9258f0befe5fc82cd9a076d8

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

winmm

Sections

.text Size: 121KB - Virtual size: 120KB

.sdata Size: 512B - Virtual size: 8B

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 23KB - Virtual size: 30KB

.rsrc Size: 7KB - Virtual size: 7KB

.tsdata Size: 72KB - Virtual size: 72KB

.text
Size: 121KB - Virtual size: 120KB

.sdata
Size: 512B - Virtual size: 8B

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 23KB - Virtual size: 30KB

.rsrc
Size: 7KB - Virtual size: 7KB

.tsdata
Size: 72KB - Virtual size: 72KB