f7ddcca6e1d13d9c78010d9129f06ba4721835aba9040c5151779f148756c7e9

Sharing

Copy URL

Twitter E-mail

General

Target

f7ddcca6e1d13d9c78010d9129f06ba4721835aba9040c5151779f148756c7e9
Size

230KB
MD5

4bb9bf73c392386b595db9304ba0898d
SHA1

6a78b417718e92eecd1a39659e49ff596d2938a6
SHA256

f7ddcca6e1d13d9c78010d9129f06ba4721835aba9040c5151779f148756c7e9
SHA512

647f8a78161d2bab8676a3fb105304df539ee15b950ac844c2a86cfea6522659eb0b7232df18ee31006df9d066d3caf71c3946d6555a05bf3d425acffa3c9420
SSDEEP

6144:qLlrBRkiq22F/Q7idG4S++MsjLhQCqzSrJ549Ew6y:qL9BRTSh785NPePi0F

Score

N/A

Malware Config

Signatures

Files

f7ddcca6e1d13d9c78010d9129f06ba4721835aba9040c5151779f148756c7e9
.exe windows x86

9c49c3a7dc62a0d26459c33ff5752148

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

IsProcessorFeaturePresent
InterlockedCompareExchange
WaitForSingleObject
GetStartupInfoA
GetVolumeInformationW
ExitProcess
VirtualAlloc
GetSystemInfo
GetModuleHandleA
lstrcmpiA
GetSystemTimeAsFileTime
ReadFile
DeviceIoControl
GetCurrentThreadId
HeapReAlloc
CloseHandle
SetStdHandle
CreateFileMappingA
RtlUnwind
GetCurrentProcess
QueryPerformanceCounter
CreateEventA
FreeLibrary
GetSystemDirectoryA
OutputDebugStringW
LoadLibraryA
CreateDirectoryW
LoadResource
GetVersionExA
GlobalLock
GetSystemDefaultLCID
InterlockedExchange
SetConsoleCP
lstrcmpiW
GetStringTypeA
GetSystemTime
GetDriveTypeA
GetACP
CreateFileW
HeapSize
GetCommandLineA
GetTickCount
GetOEMCP
LocalFree
SetLastError
UnhandledExceptionFilter
RemoveDirectoryA
TlsSetValue
HeapAlloc
HeapFree
SetEvent
FindNextFileW
WideCharToMultiByte
HeapDestroy
InitializeCriticalSection
LeaveCriticalSection
GetLocaleInfoA
lstrlenA
SetFileAttributesW
VirtualProtect
lstrcpyA
GetModuleFileNameW
FreeEnvironmentStringsA
RaiseException
SetUnhandledExceptionFilter
EnterCriticalSection
GetStringTypeW
GetCurrentProcessId
GetProcAddress
GetEnvironmentStringsW

user32

GetForegroundWindow
SetWindowPos
GetClientRect
IsIconic
FillRect
BeginPaint
GetSystemMetrics
GetDC
DialogBoxParamA
UpdateWindow
SetWindowLongW
CharNextA
GetParent
InvalidateRect
ShowWindow
TrackPopupMenu
SetWindowsHookExA
ScreenToClient
GetAsyncKeyState
PeekMessageA
SetDlgItemTextW
ReleaseDC
TranslateMessage
InflateRect
GetWindowDC
IsWindow
EnumChildWindows
GetWindowLongA
SetForegroundWindow
MessageBoxA
MoveWindow
IsRectEmpty

rpcrt4

RpcStringFreeW

version

GetFileVersionInfoSizeW

gdi32

CreateRectRgnIndirect
CreateDIBitmap
CreateBitmap
SetWindowExtEx
GetObjectA
GetClipBox
BitBlt
SetMapMode
PatBlt
CreateFontIndirectW
SetROP2
SetTextAlign

advapi32

RegQueryValueExA
SetSecurityDescriptorDacl
GetTokenInformation
RegDeleteValueW
RegQueryValueExW
RegCloseKey
RegOpenKeyW
RegEnumKeyExA
RegOpenKeyExW
AllocateAndInitializeSid
IsValidSid
RevertToSelf
QueryServiceStatus
RegDeleteKeyA

ole32

CoCreateInstance
CLSIDFromString
CoTaskMemRealloc

msvcrt

__dllonexit
??_V@YAXPAX@Z
memcpy
_lock
??2@YAPAXI@Z
??0exception@@QAE@ABV0@@Z
isdigit
_adjust_fdiv
_onexit
_callnewh
memset
_unlock
_initterm
realloc

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 185KB - Virtual size: 434KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 942B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c49c3a7dc62a0d26459c33ff5752148

Headers

File Characteristics

Imports

kernel32

user32

rpcrt4

version

gdi32

advapi32

ole32

msvcrt

Sections

.text Size: 39KB - Virtual size: 39KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 185KB - Virtual size: 434KB

.rsrc Size: 1024B - Virtual size: 942B

.text
Size: 39KB - Virtual size: 39KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 185KB - Virtual size: 434KB

.rsrc
Size: 1024B - Virtual size: 942B