9aa49a70e65f624d890feb95a62c32af168baa442951413f74d913ac5b1acd53

Sharing

Copy URL Twitter E-mail

General

Target

9aa49a70e65f624d890feb95a62c32af168baa442951413f74d913ac5b1acd53
Size

141KB
MD5

b76287586f7e4299b39ab5783aab4dbf
SHA1

7bdf1123bfc4182138ce2f878ed6f6ee0cf13f1b
SHA256

9aa49a70e65f624d890feb95a62c32af168baa442951413f74d913ac5b1acd53
SHA512

aedb497c9768c02f2007a3462a90d7b9c1e0ff8ffaf385098be58a2f055a974f59a115fc308a0279785775efa0a91c34231fe4d37b4af2df6a1112cdec1b31ff
SSDEEP

3072:FG+0iRnxgwXIdkzJBkXVwXmiWId+UTuwVm4nzJCBZ:FG+0iRfV1iXm/7uxr3

Score

N/A

Malware Config

Signatures

Files

9aa49a70e65f624d890feb95a62c32af168baa442951413f74d913ac5b1acd53
.exe windows x86

d38454249bae37c126ad3a6e517362f8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
lstrcmpiW
Sleep
CloseHandle
GetCurrentThread
ResumeThread
SetFilePointer
lstrcmpiA
FormatMessageW
GetVersion
GetStdHandle
GetCurrentProcessId
IsBadWritePtr
GetExitCodeThread
GetSystemTimeAsFileTime
GetCommandLineA
OutputDebugStringW
IsDebuggerPresent
GetACP
GetFileType
WaitForSingleObject
lstrcpyA
InterlockedIncrement
LockResource
DeleteFileA
SetThreadPriority
OpenMutexA
GetOEMCP
IsBadReadPtr
GetCommandLineW
GetFileAttributesA
VirtualFree
SetStdHandle
VirtualAlloc
FindFirstFileW
GetCurrentThreadId
CreateFileMappingW
GetTickCount
LoadResource
GetVersionExA
GetExitCodeProcess
GetEnvironmentStrings
InterlockedExchange
QueryPerformanceCounter
FindResourceW
TlsAlloc
GetModuleHandleW

user32

GetForegroundWindow
wsprintfA
GetMenuItemCount
IsWindowEnabled
GetCursorPos
SetWindowTextA
DispatchMessageA
GetSubMenu
DialogBoxParamW
GetWindowLongA
DestroyIcon
TranslateMessage
GetMessagePos
ReleaseDC
SendDlgItemMessageW
ShowWindow
SetFocus
GetFocus
IsChild
GetDlgCtrlID
MapWindowPoints
CharPrevA
WinHelpW

msvcrt

rand
iswdigit
_controlfp
_chsize
srand
_stat
_ltoa
wcspbrk
__p__iob
isspace
_finite
__p__osver
_commit
__CxxFrameHandler
ctime
fopen
__p__commode
_access
qsort
wcsspn
malloc
exit
__dllonexit
memset
_tell
_ftol
_wtol

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 512B - Virtual size: 502B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 474B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 512B - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 413B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d38454249bae37c126ad3a6e517362f8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 130KB - Virtual size: 130KB

.bss Size: 512B - Virtual size: 502B

.tls Size: 512B - Virtual size: 122KB

.bss Size: 512B - Virtual size: 480B

.tls Size: 512B - Virtual size: 474B

DATA Size: 512B - Virtual size: 248B

.bss Size: 512B - Virtual size: 37KB

DATA Size: 512B - Virtual size: 413B

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 130KB - Virtual size: 130KB

.bss
Size: 512B - Virtual size: 502B

.tls
Size: 512B - Virtual size: 122KB

.bss
Size: 512B - Virtual size: 480B

.tls
Size: 512B - Virtual size: 474B

DATA
Size: 512B - Virtual size: 248B

.bss
Size: 512B - Virtual size: 37KB

DATA
Size: 512B - Virtual size: 413B

.rsrc
Size: 6KB - Virtual size: 6KB