9fd862683e88db78dc1b8dd40c1e78cd4845abc7cd059e8f941b043c2e7f45b1

Sharing

Copy URL Twitter E-mail

General

Target

9fd862683e88db78dc1b8dd40c1e78cd4845abc7cd059e8f941b043c2e7f45b1
Size

336KB
MD5

8619ee0badbe7d2eeebea4db16521a75
SHA1

7717f7250722526ba603e31d3b5cbeb3f064e520
SHA256

9fd862683e88db78dc1b8dd40c1e78cd4845abc7cd059e8f941b043c2e7f45b1
SHA512

77c42a4acc31b45f221a23da97fded94c1f23f2f683bc5894ec7ff648deeccfcd84fe5d6e63b819444fcac7e68feafe569203a00b37ba7139fe54999c9500dda
SSDEEP

6144:92j3rX0jMiCjJa0PITuovwqYj3sAnE5CAapzVwqmN9P31xi/AS:9A3gjhCjJaKsuov9Yj3HE5wdY37i9

Score

N/A

Malware Config

Signatures

Files

9fd862683e88db78dc1b8dd40c1e78cd4845abc7cd059e8f941b043c2e7f45b1
.exe windows x86

dd3531c2a8cb80e742baa7ba65b4fed0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateNamedPipeW
GetOverlappedResult
SetNamedPipeHandleState
OpenEventW
WaitNamedPipeW
DisconnectNamedPipe
ConnectNamedPipe
TerminateThread
DeleteFileW
CreateThread
SetLastError
SetFileAttributesW
RemoveDirectoryW
GetTempPathW
WaitForMultipleObjects
FileTimeToSystemTime
LocalFileTimeToFileTime
GetLocalTime
CreateWaitableTimerW
GetSystemPowerStatus
OpenMutexW
OpenWaitableTimerW
SetWaitableTimer
CopyFileW
InterlockedExchange
GetUserDefaultLangID
lstrcatW
InitializeCriticalSection
GetProcAddress
LoadLibraryExW
lstrcpyW
lstrcpynW
GetCommandLineW
lstrlenA
GetShortPathNameW
GetCurrentThreadId
lstrcmpiW
GetCurrentThread
CreateEventW
FindResourceW
InterlockedDecrement
SetPriorityClass
CompareStringW
CompareStringA
GetCPInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
GetStartupInfoA
GetStdHandle
SetHandleCount
GetCommandLineA
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
HeapSize
ExitThread
GetTimeZoneInformation
GetFileType
SetStdHandle
RaiseException
HeapReAlloc
HeapAlloc
HeapFree
RtlUnwind
ExitProcess
GetStartupInfoW
GetCurrentDirectoryW
GetProcessVersion
GlobalFlags
lstrcmpW
GetFileTime
GetFileSize
GetFileAttributesW
GetFullPathNameW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalAlloc
GlobalReAlloc
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SuspendThread
SetThreadPriority
ResumeThread
GetModuleHandleA
LoadLibraryA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GlobalLock
GetLastError
GlobalUnlock
GetVersion
FileTimeToLocalFileTime
FindNextFileW
InterlockedIncrement
WritePrivateProfileStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
SetEnvironmentVariableW
GetStringTypeA
GetStringTypeW
WaitForSingleObject
FreeLibrary
LoadLibraryW
SetEvent
CreateMutexW
GetModuleFileNameW
GetDateFormatW
GetTimeFormatW
CloseHandle
DeviceIoControl
CreateFileW
GetDriveTypeW
GetLogicalDrives
ReadFile
WriteFile
SetFilePointer
GetVolumeInformationW
GetDiskFreeSpaceExW
GlobalFree
GetPrivateProfileIntW
GetPrivateProfileStringW
GetExitCodeProcess
Sleep
WideCharToMultiByte
lstrlenW
MultiByteToWideChar
FindClose
FindFirstFileW
SizeofResource
GetModuleHandleW
LockResource
LoadResource
GetCurrentProcess
BackupWrite
CreateDirectoryW
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
GetSystemTime
LocalFree
GetDriveTypeA
CreateFileA
ResetEvent
ReleaseMutex

shlwapi

PathFileExistsW

sensapi

IsDestinationReachableW

user32

KillTimer
SetTimer
PeekMessageW
SendMessageW
IsWindowEnabled
GetDlgItem
MessageBoxW
PostQuitMessage
GetParent
GetSystemMetrics
GetActiveWindow
EndDialog
GetWindowLongW
DestroyWindow
GetWindowPlacement
IsIconic
SystemParametersInfoW
GetMessageW
RegisterWindowMessageW
SetWindowPos
DispatchMessageW
PostThreadMessageW
CharNextW
GetTopWindow
EnableWindow
SetWindowLongW
GetWindow
SetForegroundWindow
GetForegroundWindow
GetLastActivePopup
GetMessagePos
GetMessageTime
RemovePropW
CallWindowProcW
GetPropW
UnhookWindowsHookEx
SetPropW
CallNextHookEx
wsprintfW
LoadStringW
GetNextDlgTabItem
SetWindowsHookExW
GetWindowRect
GetKeyState
CreateWindowExW
DefWindowProcW
GetDlgCtrlID
GetWindowTextW
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassW
GetClassInfoW
WinHelpW
GetCapture
DestroyMenu
GetSysColorBrush
LoadCursorW
GrayStringW
DrawTextW
TabbedTextOutW
GetDC
ReleaseDC
ClientToScreen
PtInRect
GetClassNameW
CharUpperW
TranslateMessage
ValidateRect
GetCursorPos
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
SetWindowTextW
LoadIconW
PostMessageW
MapWindowPoints
GetSysColor
GetFocus
SetFocus
AdjustWindowRectEx
GetClientRect
CopyRect
IsWindowVisible

gdi32

SetTextColor
SetBkColor
GetClipBox
CreateBitmap
DeleteObject
GetObjectW
SelectObject
GetStockObject
DeleteDC
GetDeviceCaps
SaveDC
RestoreDC
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
SetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SetWindowExtEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

CopySid
RegCloseKey
InitializeSecurityDescriptor
StartServiceCtrlDispatcherW
RegEnumValueW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteKeyW
RegDeleteValueW
GetTokenInformation
OpenThreadToken
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
GetLengthSid
DeleteService
OpenSCManagerW
SetSecurityDescriptorDacl
RegSetValueExW
RegCreateKeyExW
SetServiceStatus
RegisterServiceCtrlHandlerW
RegisterEventSourceW
ReportEventW
DeregisterEventSource
RegOpenKeyExW
RegQueryValueExW
ControlService
OpenServiceW
CreateServiceW
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges

shell32

ord680
ShellExecuteExW

comctl32

ord17

ole32

CoRevokeClassObject
CoInitializeEx
CoInitialize
CoRegisterClassObject
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoInitializeSecurity
CoUninitialize

oleaut32

RegisterTypeLi
VarUI4FromStr
LoadTypeLi
VariantClear
SysAllocString
SysFreeString

Sections

.text
Size: 184KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd3531c2a8cb80e742baa7ba65b4fed0

Headers

File Characteristics

Imports

kernel32

shlwapi

sensapi

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

oleaut32

Sections

.text Size: 184KB - Virtual size: 182KB

.rdata Size: 44KB - Virtual size: 42KB

.data Size: 32KB - Virtual size: 119KB

.rsrc Size: 72KB - Virtual size: 68KB

.text
Size: 184KB - Virtual size: 182KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 32KB - Virtual size: 119KB

.rsrc
Size: 72KB - Virtual size: 68KB