9dc1d521e29cc83c07f99654a93c75ad4b9f3140d434c85ae7cd5803b18d9e69

Sharing

Copy URL Twitter E-mail

General

Target

9dc1d521e29cc83c07f99654a93c75ad4b9f3140d434c85ae7cd5803b18d9e69
Size

90KB
MD5

fea9258cde24dcb900214403637204cb
SHA1

0fc87ef8d5f3cafc11785073ef6befe1b2cb9a17
SHA256

9dc1d521e29cc83c07f99654a93c75ad4b9f3140d434c85ae7cd5803b18d9e69
SHA512

18812746426f8a2bbb8b875d6cf2a893e647eaf17d19350d52fe30038c32d8f4131dcdd379936349ce4eb8ad15f4d7e8d469e61a7a769ea93d18c0604e59d4f9
SSDEEP

1536:9rbgsjIuEBj+aLoPNeJKvrIRILElhAQeLJb4tUlsJST0Y0VOX84g:ZfKoFeQGILELAhJCJevPg

Score

N/A

Malware Config

Signatures

Files

9dc1d521e29cc83c07f99654a93c75ad4b9f3140d434c85ae7cd5803b18d9e69
.dll windows x86

c47381c427a6eab92c9612d7791480b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
DeleteFileA
EnterCriticalSection
ExitProcess
FlushFileBuffers
GetACP
GetCommandLineA
GetLastError
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
InterlockedIncrement
LeaveCriticalSection
RtlUnwind
SetLastError
WriteFile
lstrcmpiA

advapi32

RegCloseKey
RegEnumKeyA
RegLoadKeyA
RegOpenKeyExA
RegQueryValueA

wininet

InternetWriteFile
InternetSetOptionExA
InternetQueryDataAvailable
InternetGetLastResponseInfoA
InternetGetCookieA
InternetCrackUrlA
InternetConnectA
InternetCloseHandle
HttpSendRequestA
HttpQueryInfoA
HttpOpenRequestA
HttpAddRequestHeadersA

user32

ShowOwnedPopups
SetMenuInfo
MessageBoxA
MessageBeep
LoadIconA
CharToOemA
GetMenu
GetDC
EndMenu
ChangeMenuA
DestroyMenu

shell32

SHGetDesktopFolder
SHFileOperationA
SHBindToParent
SHGetMalloc
SHGetPathFromIDListA
ShellExecuteExW
ShellExecuteA
SHGetFileInfoA

shlwapi

PathUnquoteSpacesA
StrChrA
PathFindFileNameA
PathQuoteSpacesA
PathCompactPathExA

imm32

ImmGetCompositionStringW
ImmReleaseContext
ImmSetCompositionFontA
ImmSetCompositionWindow
ImmGetContext

msvcrt

free
realloc
sprintf
sscanf
strchr
malloc
memcpy
time

Exports

Exports

Idu
Mmfq
Nwxkzp
Rjqd

Sections

.text
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c47381c427a6eab92c9612d7791480b5

Headers

File Characteristics

Imports

kernel32

advapi32

wininet

user32

shell32

shlwapi

imm32

msvcrt

Exports

Exports

Sections

.text Size: 31KB - Virtual size: 32KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 4KB - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 27KB - Virtual size: 28KB

.text
Size: 31KB - Virtual size: 32KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 4KB - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 27KB - Virtual size: 28KB