9aac6c922207a6f4ef1e6975e38f22d38ca957e438dfd8456e1d295a1f98ff73

Sharing

Copy URL Twitter E-mail

General

Target

9aac6c922207a6f4ef1e6975e38f22d38ca957e438dfd8456e1d295a1f98ff73
Size

556KB
MD5

03207c68f46bb327addf118020ddc820
SHA1

89e714923b85c606f5aeaf3ddf6eeefa941e2146
SHA256

9aac6c922207a6f4ef1e6975e38f22d38ca957e438dfd8456e1d295a1f98ff73
SHA512

36f019dd62d49e7b8c3de188c1ef3c179f509bd9edd60bcaf49a82476cf3d6cdb74c1c65bdc4b4d0b794a284ffc26634e74ab9cc675bf0744b2f3d4b61d8a340
SSDEEP

12288:oEKOtZjI20zR7XcZJSDjK4uldE8i1tdgsXhxIOBwNwpP3HNeq:OAj0zkAjK4u3E8i1IsXnLBwNwp/teq

Score

N/A

Malware Config

Signatures

Files

9aac6c922207a6f4ef1e6975e38f22d38ca957e438dfd8456e1d295a1f98ff73
.exe windows x86

13daee5b35849b8d50471756e14565f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

InitiateSystemShutdownW
CryptReleaseContext
CryptDeriveKey
CryptAcquireContextA
DuplicateToken
RegCreateKeyW
CryptSetProviderA
InitiateSystemShutdownA
LookupSecurityDescriptorPartsW
RegSaveKeyA
RegDeleteValueA
CryptSetProviderW
CryptGetUserKey
CryptAcquireContextW
RegCreateKeyExW
RegConnectRegistryA
CryptEnumProviderTypesA
LogonUserW
CryptDestroyHash
RegQueryMultipleValuesA

comctl32

ImageList_GetImageCount
ImageList_SetIconSize
CreatePropertySheetPageW
CreatePropertySheetPage
CreateMappedBitmap
GetEffectiveClientRect
ImageList_AddIcon
ImageList_Duplicate
ImageList_Copy
InitCommonControlsEx
ImageList_DragMove
ImageList_Read
ImageList_GetImageInfo
_TrackMouseEvent
ImageList_DragEnter
ImageList_Add
ImageList_BeginDrag
CreateStatusWindowA
ImageList_Replace
ImageList_SetDragCursorImage
CreateStatusWindowW

user32

FindWindowExA
DlgDirSelectComboBoxExW
ToAscii
GetInputState
CheckDlgButton
SwapMouseButton
GetWindowInfo
CreateMDIWindowA
RegisterClipboardFormatW
TranslateAccelerator
GetTopWindow
ImpersonateDdeClientWindow
NotifyWinEvent
DefWindowProcW
GetWindowModuleFileNameW
SetScrollInfo
ShowCaret
DrawMenuBar
WindowFromDC
DdeConnect
SetWindowWord
GetClassInfoA
GetMenuInfo
GetMessageExtraInfo
EndDeferWindowPos
DdeCreateStringHandleA
CloseDesktop
RegisterClassExA
GetClipboardFormatNameW
RegisterClassA
EnumDisplaySettingsExA
ChangeDisplaySettingsW
DialogBoxIndirectParamW
CheckMenuRadioItem
IsCharUpperW
TranslateMessage
UpdateWindow
ModifyMenuA
CharToOemBuffW
SetWindowsHookExW
LoadCursorFromFileW
CreateWindowExW
CallMsgFilterW
CreateAcceleratorTableA
GetProcessDefaultLayout
LoadImageW
DestroyWindow
DdeSetQualityOfService
EqualRect
EnumPropsA
UnionRect
GetNextDlgTabItem
GetWindowTextA
UnloadKeyboardLayout
MessageBoxA
SetWindowsHookW
GetProcessWindowStation
IsWindow
ShowWindow
OemToCharA
AttachThreadInput
GetDlgItemInt
SetMessageQueue
ModifyMenuW
SetMessageExtraInfo
DdeQueryStringW
IsCharAlphaNumericA
GetSysColorBrush
GetClipboardData
CreateWindowStationW
GetKeyboardLayout
GetWindowDC
LoadBitmapA
ReuseDDElParam

wininet

RegisterUrlCacheNotification
InternetGetCertByURLA
InternetReadFile
DeleteUrlCacheEntryW

comdlg32

GetSaveFileNameW
ReplaceTextW

kernel32

FreeEnvironmentStringsW
GetModuleFileNameA
GetSystemTime
GetModuleFileNameW
SetConsoleActiveScreenBuffer
FreeResource
HeapReAlloc
GetCPInfo
ReadConsoleOutputCharacterA
VirtualAlloc
Sleep
DeleteCriticalSection
FindFirstFileExA
GetStartupInfoA
GetCurrentThread
SystemTimeToTzSpecificLocalTime
InterlockedIncrement
SetFilePointer
GetCurrentProcessId
LCMapStringA
EnumDateFormatsExW
EnumTimeFormatsA
TlsFree
ResetEvent
GetTimeFormatA
GetEnvironmentStringsW
HeapFree
GetCalendarInfoW
GetUserDefaultLCID
RtlUnwind
GetModuleHandleA
SetConsoleCursorInfo
EnumResourceTypesA
TlsSetValue
GetCommandLineW
CompareFileTime
UnhandledExceptionFilter
InterlockedExchangeAdd
GetConsoleCP
ExitThread
EnterCriticalSection
GetPrivateProfileIntA
CreateMailslotA
GetConsoleMode
GetFileType
GetConsoleCursorInfo
ExitProcess
GetWindowsDirectoryW
GetProcessHeap
GetTimeZoneInformation
WriteConsoleW
WriteFile
EnumDateFormatsExA
WideCharToMultiByte
GetCommandLineA
SetUnhandledExceptionFilter
GetDriveTypeA
SetStdHandle
GetLocaleInfoW
GetPrivateProfileStringW
InterlockedExchange
VirtualQuery
RemoveDirectoryW
LoadLibraryA
VirtualQueryEx
CompareStringA
FlushFileBuffers
GetSystemDefaultLCID
OpenMutexA
CreateFileA
GlobalFindAtomA
ReadConsoleInputW
WaitForSingleObjectEx
InterlockedDecrement
GetTickCount
EnumDateFormatsA
GetStartupInfoW
UnlockFile
InitializeCriticalSectionAndSpinCount
GetPrivateProfileSectionW
CloseHandle
lstrcmpi
SetHandleCount
GetLastError
GetPrivateProfileSectionNamesW
SetThreadLocale
MultiByteToWideChar
VirtualFree
ContinueDebugEvent
GetSystemDefaultLangID
GetStringTypeW
GetLocaleInfoA
GetStdHandle
SetConsoleTitleW
GetCurrentThreadId
GetModuleHandleW
GetTempPathA
HeapSize
UnmapViewOfFile
SetConsoleCP
GetProcAddress
CreateMutexA
LeaveCriticalSection
GetOEMCP
IsDebuggerPresent
IsValidCodePage
EnumSystemCodePagesW
CreateNamedPipeW
EnumSystemLocalesA
QueryPerformanceCounter
RtlZeroMemory
GetConsoleOutputCP
MoveFileExW
LocalShrink
ReadConsoleInputA
FreeLibraryAndExitThread
FreeLibrary
CompareStringW
HeapDestroy
FreeEnvironmentStringsA
RtlMoveMemory
SetLastError
TlsGetValue
lstrcmp
SetEnvironmentVariableA
ReadFile
GetSystemTimeAsFileTime
TerminateProcess
TlsAlloc
SetConsoleCtrlHandler
GetThreadTimes
GlobalAlloc
GetStringTypeA
GetACP
LCMapStringW
WriteConsoleA
GetFileTime
FormatMessageW
LockFileEx
GetCurrentProcess
RaiseException
IsValidLocale
GetDateFormatA
EnumDateFormatsW
GetThreadPriority
FlushInstructionCache
HeapCreate
HeapAlloc
SetComputerNameW
UnlockFileEx
GetThreadContext

Sections

.text
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13daee5b35849b8d50471756e14565f8

Headers

File Characteristics

Imports

advapi32

comctl32

user32

wininet

comdlg32

kernel32

Sections

.text Size: 172KB - Virtual size: 168KB

.rdata Size: 252KB - Virtual size: 250KB

.data Size: 116KB - Virtual size: 142KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 172KB - Virtual size: 168KB

.rdata
Size: 252KB - Virtual size: 250KB

.data
Size: 116KB - Virtual size: 142KB

.rsrc
Size: 12KB - Virtual size: 11KB