f9f9e4fbd0ec26a201b3b39db5c5513fb55974a97234f8b7234bd0c8ba6431f0

Sharing

Copy URL Twitter E-mail

General

Target

f9f9e4fbd0ec26a201b3b39db5c5513fb55974a97234f8b7234bd0c8ba6431f0
Size

212KB
MD5

43c6b061ad8b21fb27f6b2cc39a32c39
SHA1

eb8c368834ca3780c732b9a1aa60f808316048cb
SHA256

f9f9e4fbd0ec26a201b3b39db5c5513fb55974a97234f8b7234bd0c8ba6431f0
SHA512

a08aa06113c2493d6398fa9ca5b12aae52ed3a161f1df9ec6c52090581ef4e04258a3a33cb32ff67f03ccb4c67311ff836bdbb58821194d3ac166c11248675dd
SSDEEP

3072:eRH6Uf+yOUPxnxQDMcNPlBauCB6jBeQMYdGeMfuhYKTuE5yVRhOF7t:eRH6o+yOQn0PlBZCBjPeMfoT5kr

Score

1^/10

Malware Config

Signatures

Files

f9f9e4fbd0ec26a201b3b39db5c5513fb55974a97234f8b7234bd0c8ba6431f0
.exe windows x86

617157d4575ac8c2cf6618c9730ab986

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadReadPtr
GetQueuedCompletionStatus
GetLastError
CloseHandle
IsBadStringPtrA
IsBadCodePtr
VirtualQuery
InterlockedIncrement
HeapFree
FlushFileBuffers
CreateFileA
GetSystemInfo
CreateIoCompletionPort
HeapDestroy
GetProcessHeap
HeapCreate
ExitProcess
GetTickCount
GetModuleHandleA
lstrlenA
HeapSize
WriteConsoleW
HeapReAlloc
HeapAlloc
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
RtlUnwind
VirtualAlloc
InitializeCriticalSection
LoadLibraryA
GetCommandLineA
GetVersionExA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCPInfo
GetACP
GetOEMCP
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
Sleep
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

user32

GetMessageW
DrawTextW
TranslateMessage
DispatchMessageW

gdi32

CreateBitmap
CreateCompatibleBitmap
CreatePen
DeleteDC
BitBlt
CreateRectRgn
CreateCompatibleDC
DeleteObject

shlwapi

PathCompactPathExW
PathMakeSystemFolderW

advapi32

IsTextUnicode
GetUserNameW
ReportEventW

shell32

SHGetSpecialFolderPathW
Shell_NotifyIconW
SHGetFolderPathW
CommandLineToArgvW

ole32

CoInitialize
CoCreateInstance
CoUninitialize

winmm

waveOutGetNumDevs
PlaySoundW

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

617157d4575ac8c2cf6618c9730ab986

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shlwapi

advapi32

shell32

ole32

winmm

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 144KB - Virtual size: 141KB

.data Size: 8KB - Virtual size: 13KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 144KB - Virtual size: 141KB

.data
Size: 8KB - Virtual size: 13KB