c9bcc446a07852d6fc8c224a109ecae0ec3bb6a73180404fc9366aa9c07a85dd

Sharing

Copy URL Twitter E-mail

General

Target

c9bcc446a07852d6fc8c224a109ecae0ec3bb6a73180404fc9366aa9c07a85dd
Size

784KB
MD5

4d21c3fdd136156da6e3f772728bf559
SHA1

e0c3f31c7f4536d71b8c9331ccf81199350476ca
SHA256

c9bcc446a07852d6fc8c224a109ecae0ec3bb6a73180404fc9366aa9c07a85dd
SHA512

18a623fdd1bf05658084eb8f3b4c7c7ceb070cde1f06ad0816bcbf7b70f6cf32c3e9d0a6d3e19c909c3cb453cb55bce58a6ea310a9fd7a871574302958f9ddde
SSDEEP

12288:FkQ0wr/K9cyZClEYJdkUwLEHwQo4ZqWG+RLmS2oQwlQ:FWwLK6mCkUwLEHztLmSlQwlQ

Score

N/A

Malware Config

Signatures

Files

c9bcc446a07852d6fc8c224a109ecae0ec3bb6a73180404fc9366aa9c07a85dd
.exe windows x86

5d8708b465359b360f1e79dee6e7281c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
GetCurrentProcessId
InterlockedExchange
GetModuleHandleW
GetModuleFileNameW
GetCommandLineA
GetProcAddress
GetFileType
UnhandledExceptionFilter
GetCurrentProcess
FreeEnvironmentStringsA
LCMapStringW
GetLastError
GetStdHandle
QueryPerformanceCounter
GetSystemTime
GetVersion
GetStringTypeW
SetStdHandle
FreeEnvironmentStringsW
GetModuleHandleA
SetFilePointer
HeapReAlloc
EnterCriticalSection
CloseHandle
GetTickCount
GetEnvironmentStringsW
HeapFree
GetLocalTime
GetCPInfo
SetLastError
GetStartupInfoA
SetUnhandledExceptionFilter
ReadFile
InterlockedDecrement
VirtualAlloc
CompareStringW
SetEnvironmentVariableA
MultiByteToWideChar
GetCommandLineW
RtlUnwind
LCMapStringA
LoadLibraryA
SetHandleCount
GetEnvironmentStrings
TlsAlloc
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
GetSystemTimeAsFileTime
IsBadCodePtr
GetStringTypeA
CompareStringA
LeaveCriticalSection
HeapAlloc
TlsSetValue
GetCurrentThreadId
RaiseException
WriteFile
VirtualFree
GetTimeZoneInformation
HeapDestroy
CreateMutexW
TerminateProcess
GetModuleFileNameA
ExitProcess
WideCharToMultiByte
GetStartupInfoW
HeapCreate
LoadLibraryW
VirtualQuery
FlushFileBuffers

comctl32

ImageList_LoadImageW
CreateStatusWindowW
ImageList_Create
ImageList_AddMasked

gdi32

GetCurrentObject
FrameRgn
GetStockObject
SetROP2
ExcludeClipRect
SetAbortProc
GetViewportExtEx
GetTextAlign
SetBkColor
SetPixelV
GetDCOrgEx
PatBlt
SetTextJustification
CreateRectRgn
SetPolyFillMode
SelectClipRgn
GetObjectA
OffsetClipRgn
SetWindowOrgEx
GetObjectType
GetTextExtentPoint32A
DPtoLP
TextOutA
CreateDIBitmap
GetWindowExtEx
CombineRgn
Ellipse

shlwapi

UrlUnescapeW
PathRemoveFileSpecW
PathFindExtensionW
PathFindFileNameW

winspool.drv

ClosePrinter
OpenPrinterA
GetJobA
ord204

shell32

ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
DragAcceptFiles

advapi32

RegEnumKeyExA
InitializeSecurityDescriptor
GetTokenInformation
ControlService
SetSecurityDescriptorDacl
FreeSid
RegCloseKey
InitializeAcl
RegSetValueExW
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
GetUserNameA
RegOpenKeyA
RegSetValueExA
RegEnumValueA
OpenProcessToken
SetServiceStatus
RegCreateKeyA
RegCreateKeyExA
StartServiceCtrlDispatcherA
RegDeleteValueA
RegQueryValueExW

user32

SetFocus
GetWindowDC
MoveWindow
LoadIconW
TranslateMessage
SetRect
LoadAcceleratorsW
EnumChildWindows
SetCapture
InvalidateRect
RegisterClassW
CreateWindowExW
GetCursorPos
GetSysColorBrush
GetSysColor
GetClientRect
CallWindowProcW
GetKeyState
SetTimer
RegisterClassExW
SetCursor
TrackPopupMenu
DrawEdge
DefWindowProcW
InsertMenuW
MessageBoxW
GetWindowRect
BringWindowToTop
IsClipboardFormatAvailable
IsWindowEnabled
UnregisterClassW
DestroyIcon
SendDlgItemMessageW
DestroyWindow
GetWindowThreadProcessId
LoadBitmapW
DrawTextExW
RedrawWindow
ScreenToClient
ShowWindow
GetMessagePos
GetParent
IsMenu
OffsetRect
GetWindowTextLengthW
CreatePopupMenu
LoadCursorW
GetSubMenu
WindowFromPoint
GetClassNameW
AppendMenuW
EqualRect
SetWindowPos

mfc42

ord1576

comdlg32

GetOpenFileNameA
CommDlgExtendedError
ChooseColorA
GetSaveFileNameA

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 472KB - Virtual size: 469KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d8708b465359b360f1e79dee6e7281c

Headers

File Characteristics

Imports

kernel32

comctl32

gdi32

shlwapi

winspool.drv

shell32

advapi32

user32

mfc42

comdlg32

Sections

.text Size: 68KB - Virtual size: 64KB

.rdata Size: 472KB - Virtual size: 469KB

.data Size: 112KB - Virtual size: 128KB

.rsrc Size: 128KB - Virtual size: 127KB

.text
Size: 68KB - Virtual size: 64KB

.rdata
Size: 472KB - Virtual size: 469KB

.data
Size: 112KB - Virtual size: 128KB

.rsrc
Size: 128KB - Virtual size: 127KB