0f416f2a59558774bf4f6799231c2b441abae078912c3f2324db8c1e5b4ef5c8

Sharing

Copy URL

Twitter E-mail

General

Target

0f416f2a59558774bf4f6799231c2b441abae078912c3f2324db8c1e5b4ef5c8
Size

556KB
MD5

60985097eabef1b073f9a6dd7d6b83a7
SHA1

c2c098460122d7d8f845b53ccdc38a094af520a3
SHA256

0f416f2a59558774bf4f6799231c2b441abae078912c3f2324db8c1e5b4ef5c8
SHA512

436823e24970d5632b1d26fd358887d3af1a5feeb2c64ff103140eae5eb3a423573315241f24adfb7128598de2f99dfea4b8c5dd7e0e02ff3cc876c5f584c837
SSDEEP

3072:e5uHoPWeFYmoqIcOrwkxBQW6MTVZRLFDe6lqAlfs2C+:1mW+PAcOzBQW6eXRFa68Ih

Score

N/A

Malware Config

Signatures

Files

0f416f2a59558774bf4f6799231c2b441abae078912c3f2324db8c1e5b4ef5c8
.exe windows x86

04e861974f381e33e9c96d28bc875c7f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msacm32

acmStreamOpen

wininet

InternetOpenUrlA
InternetFindNextFileA

user32

ToAsciiEx
GetMenuState
RealGetWindowClassA
WaitMessage
EnumWindows
FlashWindow
IsClipboardFormatAvailable
BeginPaint
EnumChildWindows
GetUpdateRgn

shlwapi

StrTrimA
PathRemoveFileSpecA
SHRegGetUSValueA
PathFileExistsA

rpcrt4

RpcServerUseProtseqIfW

kernel32

WaitForMultipleObjectsEx
GetModuleHandleExW
CommConfigDialogA
lstrcpynA
OpenMutexA
TransmitCommChar
GetModuleHandleA
GetThreadUILanguage
GetLocalTime
GetBinaryTypeW
GetBinaryTypeA
lstrcatA
GetConsoleTitleW
GetNamedPipeInfo
GetLongPathNameA

rasapi32

RasFreeEapUserIdentityW

winspool.drv

DeletePrinterDriverExW

crypt32

CryptMsgDuplicate
CertOpenSystemStoreA

ole32

OleConvertOLESTREAMToIStorage
CoDisconnectObject
OleSetContainedObject

winmm

midiInGetDevCapsA
PlaySoundA
midiInAddBuffer
mixerGetLineControlsW
GetDriverModuleHandle

gdi32

OffsetClipRgn
Arc
MaskBlt
GdiSetBatchLimit
SelectObject
GetKerningPairsA
GetClipRgn
RectVisible
StrokePath
GetGlyphOutlineW
BitBlt
LineTo
EnumObjects
Polyline
CreatePatternBrush

msvcrt

strlen

lz32

LZSeek
LZInit

pdh

PdhMakeCounterPathW

comdlg32

GetSaveFileNameA
CommDlgExtendedError

cfgmgr32

CM_Locate_DevNodeW

msvfw32

ICLocate

ntdll

RtlInterlockedPopEntrySList
RtlCompareMemory

imm32

ImmGetContext

netapi32

NetApiBufferSize
NetGroupGetUsers

version

VerQueryValueW

mscms

CloseColorProfile

msi

ord29

Sections

.text
Size: 492KB - Virtual size: 489KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04e861974f381e33e9c96d28bc875c7f

Headers

DLL Characteristics

File Characteristics

Imports

msacm32

wininet

user32

shlwapi

rpcrt4

kernel32

rasapi32

winspool.drv

crypt32

ole32

winmm

gdi32

msvcrt

lz32

pdh

comdlg32

cfgmgr32

msvfw32

ntdll

imm32

netapi32

version

mscms

msi

Sections

.text Size: 492KB - Virtual size: 489KB

.data Size: 48KB - Virtual size: 54KB

.idata Size: 4KB - Virtual size: 2KB

.text Size: 8KB - Virtual size: 4KB

.text
Size: 492KB - Virtual size: 489KB

.data
Size: 48KB - Virtual size: 54KB

.idata
Size: 4KB - Virtual size: 2KB

.text
Size: 8KB - Virtual size: 4KB