816_jjkxc8ng33[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

816_jjkxc8ng33.exe
Size

9.5MB
MD5

d60562ee2adbe125c328b91727744e65
SHA1

d46eeea4ac1f008a65817952367016886c39a573
SHA256

fc0c6be651b493cb7eb6e019670d3ccf378dedac2dad51460e299512ffeec598
SHA512

484ebdc9bac008917dcf2197bf99f7b1d1a02ca1387b9b34f2ca99ca89b30b8a866922c380467f2ee109c2cf885b45864fc2aa7da0f82249b5489a7024984073
SSDEEP

196608:8r45Og+U7Mf8tNSPFOGqIFACQM6rwQaKMYzgJZ3:yQ/rSPCpfr6YzgJZ3

Score

N/A

Malware Config

Signatures

Files

816_jjkxc8ng33.exe
.exe windows x86

c9bf1c713b24550a09f4bf689e103f83

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
WritePrivateProfileStringA
InitializeCriticalSectionEx
GetLastError
DeleteCriticalSection
GlobalMemoryStatusEx
WriteProcessMemory
Sleep
LoadLibraryA
CloseHandle
VirtualProtectEx
GetProcAddress
VirtualAllocEx
ReadProcessMemory
CreateRemoteThread
VirtualFreeEx
GetExitCodeProcess
OpenProcess
CreateThread
GetModuleHandleA
Process32Next
RaiseException
FormatMessageA
OutputDebugStringW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
MultiByteToWideChar
GetFileInformationByHandleEx
AreFileApisANSI
GetStdHandle
SetConsoleTextAttribute
CreateFileA
Process32First
GetLocaleInfoEx
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileW
GetFileAttributesExW
LocalFree

user32

LoadCursorA
DispatchMessageA
AdjustWindowRectEx
DestroyWindow
MessageBoxA
UnregisterClassA
EnumDisplayDevicesA
GetCursorPos
FindWindowA
GetDesktopWindow
MapVirtualKeyA
GetAsyncKeyState
SetWindowPos
GetActiveWindow
ShowWindow
ScreenToClient
GetCapture
GetWindowRect
SetRect
SetWindowLongA
GetWindowLongA
ReleaseCapture
UpdateWindow
RegisterClassExA
PeekMessageA
SetCapture
DefWindowProcA
TranslateMessage
CreateWindowExA

advapi32

RegOpenKeyA
RegQueryValueExA
GetUserNameA

shell32

SHGetFolderPathW

msvcp140

??0_Lockit@std@@QAE@H@Z
?_Throw_Cpp_error@std@@YAXH@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Winerror_map@std@@YAHH@Z
?_Xbad_function_call@std@@YAXXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Syserror_map@std@@YAPBDH@Z
_Cnd_do_broadcast_at_thread_exit
_Thrd_id
_Thrd_join
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
_Query_perf_frequency
_Thrd_sleep
_Query_perf_counter
_Xtime_get_ticks
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Xlength_error@std@@YAXPBD@Z
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??1_Lockit@std@@QAE@XZ

d3d9

Direct3DCreate9

d3dx9_43

D3DXCreateSprite
D3DXCreateTextureFromFileInMemoryEx
D3DXCreateFontA

wininet

InternetGetConnectedState
InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

vcruntime140

__current_exception_context
__std_terminate
_except_handler4_common
_CxxThrowException
memchr
__CxxFrameHandler3
memcpy
__current_exception
memmove
memset
__std_exception_destroy
__std_exception_copy

api-ms-win-crt-utility-l1-1-0

rand
srand

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
_get_stream_buffer_pointers
__p__commode
_fseeki64
fread
fsetpos
ungetc
setvbuf
fgetpos
__stdio_common_vsprintf
fclose
fwrite
__acrt_iob_func
fputc
_set_fmode
fgetc
__stdio_common_vsnprintf_s
fflush

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-runtime-l1-1-0

_wassert
terminate
_exit
_initterm_e
_initterm
_get_narrow_winmain_command_line
_c_exit
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_controlfp_s
exit
_errno
system
_invalid_parameter_noinfo_noreturn
_initialize_narrow_environment
_configure_narrow_argv
_register_thread_local_exe_atexit_callback
_beginthreadex

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh
_set_new_mode

api-ms-win-crt-convert-l1-1-0

strtod
strtoll
strtoull

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
remove
_lock_file

api-ms-win-crt-string-l1-1-0

strcat_s
strcpy_s

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func
localeconv
_configthreadlocale

api-ms-win-crt-math-l1-1-0

floor
_dsign
roundf
__setusermatherr
_dclass
ceil

Sections

.text
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7.3MB - Virtual size: 7.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c9bf1c713b24550a09f4bf689e103f83

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

msvcp140

d3d9

d3dx9_43

wininet

vcruntime140

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-math-l1-1-0

Sections

.text Size: 184KB - Virtual size: 184KB

.rdata Size: 37KB - Virtual size: 36KB

.data Size: 7.3MB - Virtual size: 7.3MB

.rsrc Size: 1024B - Virtual size: 904B

.reloc Size: 2.0MB - Virtual size: 2.0MB

.text
Size: 184KB - Virtual size: 184KB

.rdata
Size: 37KB - Virtual size: 36KB

.data
Size: 7.3MB - Virtual size: 7.3MB

.rsrc
Size: 1024B - Virtual size: 904B

.reloc
Size: 2.0MB - Virtual size: 2.0MB