9bfe592cf33923b6f4415649abea59a70e12ed440a7741fdbbab53e01e26814d

Sharing

Copy URL Twitter E-mail

General

Target

9bfe592cf33923b6f4415649abea59a70e12ed440a7741fdbbab53e01e26814d
Size

504KB
MD5

2eeb5643e1bb0a37bdc6d65179443d9b
SHA1

d15f1c2d6eb05cba03ba4fbfaf88905f8c97dcd8
SHA256

9bfe592cf33923b6f4415649abea59a70e12ed440a7741fdbbab53e01e26814d
SHA512

c7632d8f3f2f4f82b7bbe952023e4a34c42bcf5226adcf872a12e9d1a1f5eb28a9b02bf922c755d8f54176ca14b8a1261dec771f364d8c157b6253fb4945737b
SSDEEP

6144:/dSS4sWrDmpD44xSnKQOt5y8Hnz8QaetnS7zuDPNamMORBJpEtAPO:/+CD47KQOt5y8Hnz8Gtn7PNaqBHgAP

Score

N/A

Malware Config

Signatures

Files

9bfe592cf33923b6f4415649abea59a70e12ed440a7741fdbbab53e01e26814d
.exe windows x86

56b47686e17fcc3a892c65198c03cf0a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

??3@YAXPAX@Z
??2@YAPAXI@Z
_except_handler3

kernel32

GetModuleHandleW
GetWindowsDirectoryW
GetModuleFileNameW
FreeLibrary
GetProcAddress
LoadLibraryW
TlsFree
InterlockedDecrement
TlsSetValue
InterlockedIncrement
TlsAlloc
TlsGetValue
CreateFileW
CloseHandle
FormatMessageW
GetLastError
GetFileAttributesW
lstrcpyW
TerminateThread
CreateThread
SetLastError
WriteFile
lstrlenA
GetSystemDefaultUILanguage
GetOEMCP
FreeResource
SizeofResource
LoadResource
FindResourceW

user32

EnableWindow
PostMessageW
WinHelpW
EndDialog
wsprintfA
SetDlgItemTextW
GetKeyboardLayout
InsertMenuW
wsprintfW
MsgWaitForMultipleObjects
SetWindowLongW
GetWindowLongW
LoadImageW
LoadIconW
GetDlgItem
GetClientRect
SendMessageW
DestroyIcon
SendDlgItemMessageW
LoadStringW
LoadStringA
DialogBoxParamW
GetSystemMetrics
PeekMessageW

ole32

ReleaseStgMedium

shlwapi

StrToIntW
StrToIntA
ord219
PathAppendW
PathBuildRootW
StrCatW

shell32

DragQueryFileW
SHChangeNotifySuspendResume
SHChangeNotify
ord155
SHGetFileInfoW
ord182
SHParseDisplayName
ShellExecuteW

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj5
Size: 2KB - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj50
Size: 2KB - Virtual size: 194B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj51
Size: 2KB - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj52
Size: 210KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj53
Size: 210KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj54
Size: 2KB - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj55
Size: 2KB - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fhj56
Size: 2KB - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fhj57
Size: 2KB - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fhj58
Size: 2KB - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fhj59
Size: 2KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1231
Size: 2KB - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JAKS
Size: 2KB - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.GAHS
Size: 2KB - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HAJS
Size: 2KB - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HnJS
Size: 2KB - Virtual size: 198B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SKALS
Size: 2KB - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SKAkS
Size: 2KB - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SfAkS
Size: 2KB - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.8AUqj
Size: 2KB - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.8AUq8
Size: 2KB - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JAHQK
Size: 2KB - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JAHSK
Size: 2KB - Virtual size: 162B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JAHQJ
Size: 2KB - Virtual size: 126B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56b47686e17fcc3a892c65198c03cf0a

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

ole32

shlwapi

shell32

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 3KB

.fhj5 Size: 2KB - Virtual size: 192B

.fhj50 Size: 2KB - Virtual size: 194B

.fhj51 Size: 2KB - Virtual size: 228B

.fhj52 Size: 210KB - Virtual size: 209KB

.fhj53 Size: 210KB - Virtual size: 209KB

.fhj54 Size: 2KB - Virtual size: 196B

.fhj55 Size: 2KB - Virtual size: 204B

.fhj56 Size: 2KB - Virtual size: 208B

.fhj57 Size: 2KB - Virtual size: 202B

.fhj58 Size: 2KB - Virtual size: 228B

.fhj59 Size: 2KB - Virtual size: 206B

.1231 Size: 2KB - Virtual size: 208B

.JAKS Size: 2KB - Virtual size: 208B

.GAHS Size: 2KB - Virtual size: 204B

.HAJS Size: 2KB - Virtual size: 588B

.HnJS Size: 2KB - Virtual size: 198B

.SKALS Size: 2KB - Virtual size: 208B

.SKAkS Size: 2KB - Virtual size: 216B

.SfAkS Size: 2KB - Virtual size: 236B

.8AUqj Size: 2KB - Virtual size: 202B

.8AUq8 Size: 2KB - Virtual size: 202B

.JAHQK Size: 2KB - Virtual size: 160B

.JAHSK Size: 2KB - Virtual size: 162B

.JAHQJ Size: 2KB - Virtual size: 126B

.rsrc Size: 18KB - Virtual size: 16KB

.reloc Size: 2KB - Virtual size: 324B

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 3KB

.fhj5
Size: 2KB - Virtual size: 192B

.fhj50
Size: 2KB - Virtual size: 194B

.fhj51
Size: 2KB - Virtual size: 228B

.fhj52
Size: 210KB - Virtual size: 209KB

.fhj53
Size: 210KB - Virtual size: 209KB

.fhj54
Size: 2KB - Virtual size: 196B

.fhj55
Size: 2KB - Virtual size: 204B

.fhj56
Size: 2KB - Virtual size: 208B

.fhj57
Size: 2KB - Virtual size: 202B

.fhj58
Size: 2KB - Virtual size: 228B

.fhj59
Size: 2KB - Virtual size: 206B

.1231
Size: 2KB - Virtual size: 208B

.JAKS
Size: 2KB - Virtual size: 208B

.GAHS
Size: 2KB - Virtual size: 204B

.HAJS
Size: 2KB - Virtual size: 588B

.HnJS
Size: 2KB - Virtual size: 198B

.SKALS
Size: 2KB - Virtual size: 208B

.SKAkS
Size: 2KB - Virtual size: 216B

.SfAkS
Size: 2KB - Virtual size: 236B

.8AUqj
Size: 2KB - Virtual size: 202B

.8AUq8
Size: 2KB - Virtual size: 202B

.JAHQK
Size: 2KB - Virtual size: 160B

.JAHSK
Size: 2KB - Virtual size: 162B

.JAHQJ
Size: 2KB - Virtual size: 126B

.rsrc
Size: 18KB - Virtual size: 16KB

.reloc
Size: 2KB - Virtual size: 324B