9dd5f8f89d2c6a9c36ad2481ec2253b8f943486c845868e8afe5b1cd7dc69241

Sharing

Copy URL Twitter E-mail

General

Target

9dd5f8f89d2c6a9c36ad2481ec2253b8f943486c845868e8afe5b1cd7dc69241
Size

324KB
MD5

4a9e265a8d796c2846aacf8a3b3a4a93
SHA1

642753aaa3f835cb719e7c11374be50c495592ba
SHA256

9dd5f8f89d2c6a9c36ad2481ec2253b8f943486c845868e8afe5b1cd7dc69241
SHA512

6a16dfb6d21852499645981931bebc5a2c1e2e40b3fd4c1caec1075939db4fe2a09d083acf25b42e3d285ffafc5ed67855029bc09a0323955131d4a49886cf1b
SSDEEP

6144:giMdW3333333333qzzzzzzzzzz9zaWWWpgPdZI1cYGk9j9J5uCo:JMarI1dGk9j9J5uCo

Score

1^/10

Malware Config

Signatures

Files

9dd5f8f89d2c6a9c36ad2481ec2253b8f943486c845868e8afe5b1cd7dc69241
.exe windows x86

fb2bd49ac914e65618613aae0866596c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32First
WriteProcessMemory
TerminateProcess
Module32Next
GetFullPathNameA
OpenProcess
CreateToolhelp32Snapshot
Sleep
GetLastError
LoadLibraryA
Process32Next
CloseHandle
VirtualAllocEx
CreateRemoteThread
CreateDirectoryA
FreeLibrary
VirtualQuery
GetProcessHeap
HeapFree
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
RaiseException
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetProcAddress

user32

FindWindowA
MessageBoxA
GetWindowThreadProcessId

shell32

ShellExecuteA

msvcp140d

??0_Lockit@std@@QAE@H@Z
?_Xlength_error@std@@YAXPBD@Z
??1_Lockit@std@@QAE@XZ

urlmon

URLDownloadToFileA

vcruntime140d

__CxxFrameHandler3
__vcrt_GetModuleHandleW
__vcrt_LoadLibraryExW
__vcrt_GetModuleFileNameW
memcpy
_except_handler4_common
memset
__current_exception_context
__current_exception
_CxxThrowException
__std_exception_copy
memmove
__std_exception_destroy

ucrtbased

_c_exit
_exit
_configthreadlocale
_set_new_mode
__p__commode
terminate
_controlfp_s
_stricmp
_initterm_e
_initterm
_get_narrow_winmain_command_line
__setusermatherr
_set_app_type
_seh_filter_exe
_free_dbg
_cexit
_crt_atexit
_register_onexit_function
_initialize_narrow_environment
_configure_narrow_argv
malloc
_callnewh
strcpy_s
strcat_s
_wmakepath_s
_wsplitpath_s
wcscpy_s
_invalid_parameter
_CrtDbgReport
exit
_set_fmode
_register_thread_local_exe_atexit_callback
_initialize_onexit_table

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.msvcjmc
Size: 512B - Virtual size: 278B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 265KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb2bd49ac914e65618613aae0866596c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

msvcp140d

urlmon

vcruntime140d

ucrtbased

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 35KB - Virtual size: 35KB

.data Size: 512B - Virtual size: 1KB

.msvcjmc Size: 512B - Virtual size: 278B

.rsrc Size: 265KB - Virtual size: 265KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 35KB - Virtual size: 35KB

.data
Size: 512B - Virtual size: 1KB

.msvcjmc
Size: 512B - Virtual size: 278B

.rsrc
Size: 265KB - Virtual size: 265KB

.reloc
Size: 1KB - Virtual size: 1KB