9dba73506e893cbc5ab5efebdaf27406d27cacf3de2e8f762a90fea4e7ab7879

Sharing

Copy URL

Twitter E-mail

General

Target

9dba73506e893cbc5ab5efebdaf27406d27cacf3de2e8f762a90fea4e7ab7879
Size

21KB
MD5

f194c70e38bdbebb218a3ddd8d536d53
SHA1

8e25ae93c8084985866f6eabb66e918220ab98fe
SHA256

9dba73506e893cbc5ab5efebdaf27406d27cacf3de2e8f762a90fea4e7ab7879
SHA512

e59c6a585167ca20a36b13b03e1156fc40220f33f25cad887ee993155735f2ea342fc6339c4e8543f35c337c4cba2b9a9097a1ee885563f4a8563f81d3ae0b5f
SSDEEP

384:T5VySGn1EM1Pab8I0yXU08A6zd/cmMjuLSobaENEAN+b/xnO6v:exnW+A9XU08/zhcuD8xv

Score

N/A

Malware Config

Signatures

Files

9dba73506e893cbc5ab5efebdaf27406d27cacf3de2e8f762a90fea4e7ab7879
.exe windows x86

eeb472ee3fd7bc88851875c9fd4a3fac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadStringPtrA
GetFileTime
SetLocaleInfoA
lstrcmpi
FindAtomW
GetModuleHandleA
GetProcAddress
GetCommandLineA
GetTempPathW
GetSystemDefaultLangID
CreateFileA
QueryPerformanceFrequency
CopyFileA
lstrcmpiA
GetCurrentDirectoryW
GetLocaleInfoW
CreateEventA
lstrlen
lstrlenW
ExpandEnvironmentStringsA
OpenMutexA
GetComputerNameA
SetLocaleInfoW
BeginUpdateResourceW
GetCurrentProcessId
GetCPInfo
GetProcessHeap
MoveFileA
lstrcatA
GetExpandedNameA
GetShortPathNameW
GetUserDefaultLangID
GetLocalTime
ReplaceFileW
GetEnvironmentVariableW
LoadResource
ExitProcess
ReadFile
lstrcmpA
GetSystemDefaultLCID
GetStartupInfoW
GetTempPathA
EnumDateFormatsW
SystemTimeToFileTime
GetEnvironmentStringsA

user32

GetKeyState
CreateDialogIndirectParamA
CheckDlgButton
SetCursorPos
InsertMenuA
UpdateLayeredWindow
RegisterClassExA
GetMenuItemID
GetClientRect
CreateDialogParamA
DialogBoxIndirectParamA
CreatePopupMenu
OffsetRect
EnumChildWindows
CopyRect
CheckRadioButton
CharLowerW
WinHelpA
PeekMessageW
ActivateKeyboardLayout
GetClassNameW
wvsprintfA
PostMessageA
RegisterWindowMessageW
GetCursorPos
PostMessageW
MessageBoxA
InvalidateRect
GetMenuState
SetWindowLongA
IsWindow
MessageBoxW
SendDlgItemMessageA
DestroyCursor
CreateMenu
CharPrevA
IsIconic
CopyImage
EnableWindow
DrawIcon
FindWindowW
GetWindowLongW
wvsprintfW
BringWindowToTop
SendDlgItemMessageW
LoadBitmapW
DefFrameProcA

gdi32

Polyline
EnumFontsW
MoveToEx
GetNearestColor
GetCharWidthA
UpdateColors
CreateDCA
GetPixelFormat
OffsetRgn
CombineRgn
GetLogColorSpaceA
SetColorSpace
SetDIBits
SetColorAdjustment
InvertRgn
GetPolyFillMode

advapi32

RegSaveKeyA
RegReplaceKeyA
RegOpenKeyExA
RegDeleteKeyW

inetcomm

EssReceiptDecodeEx
EssSecurityLabelEncodeEx
MimeOleGetPropertySchema
MimeOleAlgNameFromSMimeCap
HrGetAttachIcon
MimeOleGetCertsFromThumbprints
MimeOleCreateHeaderTable
EssContentHintEncodeEx
HrGetLastOpenFileDirectory
MimeOleGetFileExtension
MimeOleCreateMessageParts
MimeOleDecodeHeader
MimeOleCreateHashTable

sqlunirl

_EnumResourceNames_@16
ConvertMultiSZNameToW
_CreateEnhMetaFile_@16
_CreateProcessAsUser_@44
_EnumResourceTypes_@12
_AddAtom_@4
_DefFrameProc_@20
_GetPrivateProfileSectionNames_@12
_DrawState_@40
_DialogBoxParam_@20
_DlgDirList_@20
_NDdeShareAdd_@20

wsock32

NPLoadNameSpaces
getpeername
send
connect
GetNameByTypeA
WSAAsyncGetServByPort
getsockname
gethostbyname
closesocket

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.YtM
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.brp
Size: 512B - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.GtLiHu
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.NtXc
Size: 1KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.NIBZ
Size: 1024B - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zsP
Size: 1KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eeb472ee3fd7bc88851875c9fd4a3fac

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

inetcomm

sqlunirl

wsock32

Sections

.text Size: 11KB - Virtual size: 11KB

.YtM Size: 1024B - Virtual size: 6KB

.brp Size: 512B - Virtual size: 48KB

.GtLiHu Size: 4KB - Virtual size: 16KB

.NtXc Size: 1KB - Virtual size: 24KB

.data Size: 4KB - Virtual size: 4KB

.NIBZ Size: 1024B - Virtual size: 43KB

.zsP Size: 1KB - Virtual size: 254KB

.rsrc Size: 169KB - Virtual size: 168KB

.reloc Size: 1024B - Virtual size: 908B

.text
Size: 11KB - Virtual size: 11KB

.YtM
Size: 1024B - Virtual size: 6KB

.brp
Size: 512B - Virtual size: 48KB

.GtLiHu
Size: 4KB - Virtual size: 16KB

.NtXc
Size: 1KB - Virtual size: 24KB

.data
Size: 4KB - Virtual size: 4KB

.NIBZ
Size: 1024B - Virtual size: 43KB

.zsP
Size: 1KB - Virtual size: 254KB

.rsrc
Size: 169KB - Virtual size: 168KB

.reloc
Size: 1024B - Virtual size: 908B