a9a6aef55e7ddd6f4456788975b09671fdb04cabfd1b04450ece973fa52f1e0f

Sharing

Copy URL

Twitter E-mail

General

Target

a9a6aef55e7ddd6f4456788975b09671fdb04cabfd1b04450ece973fa52f1e0f
Size

4.0MB
MD5

cac5fa3ad04dc2ff996ebc1fdac44ff6
SHA1

679418894f5be792df542c29b5e57cc51aef27be
SHA256

a9a6aef55e7ddd6f4456788975b09671fdb04cabfd1b04450ece973fa52f1e0f
SHA512

d0a7c24a59264f618fefb446cd34916b13ae85ae3cc437e0014d8db4373912c45f7be670b30d83ce2ace73fda267770bc2476b16ca099faf01292787f22929df
SSDEEP

98304:daXTJBAUZLsq/ItBYjzCRwG/T8zIHAwnyK:daDJVA/tqjzmwcTyyyK

Score

1^/10

Malware Config

Signatures

Files

a9a6aef55e7ddd6f4456788975b09671fdb04cabfd1b04450ece973fa52f1e0f
.exe windows x86

98d004c9512687cf3190acfccdda5a3e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleInputA
SetConsoleMode
GetConsoleMode
LeaveCriticalSection
InitializeCriticalSection
EnterCriticalSection
LCMapStringA
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
GetFileSize
ReadFile
WriteFile
SetFilePointer
GetStdHandle
SetConsoleCursorPosition
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
CreateFileA
GetLastError
GetVersionExA
TerminateProcess
GetTickCount
Sleep
lstrcpyA
lstrlenA
SetLastError
lstrcatA
QueryPerformanceFrequency
QueryPerformanceCounter
DeviceIoControl
GetVersion
GetACP
SetErrorMode
lstrcpynA
GetCurrentThreadId
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
FlushFileBuffers
TlsAlloc
DeleteCriticalSection
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetProcessVersion
GetCPInfo
GetOEMCP
RtlUnwind
RaiseException
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
GetEnvironmentVariableA
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
InterlockedExchange
FormatMessageA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetUserDefaultLCID
GetLocalTime
IsBadReadPtr
HeapReAlloc
ExitProcess
GetCommandLineA
GetModuleHandleA
TerminateThread
CreateThread
WriteProcessMemory
VirtualFreeEx
VirtualAllocEx
ReadProcessMemory
WaitForSingleObject
CreateRemoteThread
lstrcmpW
HeapCreate
HeapDestroy
HeapFree
RtlZeroMemory
InterlockedDecrement
InterlockedIncrement
HeapAlloc
RtlMoveMemory
GetProcessHeap
CreateDirectoryW
FindClose
FindNextFileW
DeleteFileW
FindFirstFileW
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
QueryDosDeviceW
Process32Next
Process32First
CreateToolhelp32Snapshot
CloseHandle
LocalFree
LocalAlloc
OpenProcess
GetCurrentProcess

user32

GetForegroundWindow
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
SetForegroundWindow
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
DestroyMenu
FindWindowA
GetWindowThreadProcessId
MessageBoxA
RegisterWindowMessageA
IsIconic
GetMenuItemCount
GetDlgCtrlID
LoadStringA
wsprintfA
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
GetWindowPlacement
SetFocus
GetClientRect
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
EnableWindow
PostMessageA
PostQuitMessage
GetParent
GetWindow
PtInRect
GetWindowLongA
GetWindowTextA
SetWindowLongA
GetDlgItem
SystemParametersInfoA
GetDC
ReleaseDC
GetClassNameA
SendMessageA
GetWindowRect
GetSystemMetrics
SetWindowPos
SetWindowTextA
DestroyWindow
UnhookWindowsHookEx
GrayStringA
DrawTextA
TabbedTextOutA
ClientToScreen
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetKeyState
CallNextHookEx

shlwapi

StrToIntExW
PathIsDirectoryW
StrToIntW

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap
GetObjectA
GetStockObject
GetDeviceCaps
SelectObject
DeleteDC
DeleteObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible

ole32

CLSIDFromString
CoUninitialize
CoInitialize
CLSIDFromProgID
OleRun
CoCreateInstance

wininet

InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
HttpQueryInfoA
InternetCloseHandle
InternetSetCookieA

psapi

GetModuleInformation
GetModuleFileNameExA
EnumProcessModules
GetProcessImageFileNameW

oleaut32

SafeArrayCreate
VariantCopy
RegisterTypeLi
LHashValOfNameSys
LoadTypeLi
VariantChangeType
VarR8FromBool
VarR8FromCy
SysFreeString
SafeArrayGetElemsize
SysAllocString
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
SafeArrayAllocData
SafeArrayAllocDescriptor
VariantInit
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantClear
SafeArrayDestroy
SafeArrayUnaccessData

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

comctl32

ord17

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

advapi32

RegDeleteKeyA

shell32

SHGetFolderPathW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98d004c9512687cf3190acfccdda5a3e

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

gdi32

ole32

wininet

psapi

oleaut32

winspool.drv

comctl32

msvcrt

iphlpapi

advapi32

shell32

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.sedata Size: 2.5MB - Virtual size: 2.5MB

.idata Size: 8KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 4KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.sedata
Size: 2.5MB - Virtual size: 2.5MB

.idata
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 4KB

.sedata
Size: 4KB - Virtual size: 4KB