4ad7edece0219c510a320143200f7f65985bfcf3c237f14e25fdcb7a0575a93c

Sharing

Copy URL

Twitter E-mail

General

Target

4ad7edece0219c510a320143200f7f65985bfcf3c237f14e25fdcb7a0575a93c
Size

456KB
MD5

1257ddc34adcd280abf6c9035bd84a5c
SHA1

4e0786eaef0cbd39e1c5d1932c36eab1d64cd2df
SHA256

4ad7edece0219c510a320143200f7f65985bfcf3c237f14e25fdcb7a0575a93c
SHA512

079fc8bbe872f4ff995093f5a1ab54293da568ef34bbcdfe866525635b8793af6b0aa0272e063c6becba5c5f0c15048c44e1c71cc19a7a38ca456b4b87a1d13e
SSDEEP

12288:gNPL3MXwFINeYaK37TN/5g9tCtXCPR75rFWQu3V3MOBl:gNPLcXwFIQvK37TN/vuBFW5lcm

Score

N/A

Malware Config

Signatures

Files

4ad7edece0219c510a320143200f7f65985bfcf3c237f14e25fdcb7a0575a93c
.exe windows x86

d03c052972ee04d60fc3b75208044dc1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
SetFilePointerEx
GetFileSizeEx
GetConsoleCP
FlushFileBuffers
GetProcessHeap
OutputDebugStringW
ReadConsoleW
GetConsoleMode
ReadFile
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetOEMCP
GetModuleFileNameA
HeapReAlloc
HeapFree
HeapAlloc
WriteConsoleW
GetModuleFileNameW
GetFileType
GetStdHandle
GetModuleHandleExW
ExitProcess
VirtualQuery
LoadLibraryExW
FreeLibrary
RtlUnwind
RaiseException
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
HeapSize
OutputDebugStringA
MultiByteToWideChar
ExpandEnvironmentStringsA
CreateEventA
WaitForSingleObject
GetLastError
VirtualAlloc
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetModuleHandleA
GlobalFree
TerminateProcess
GetCurrentProcess
InitializeSListHead
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GlobalAlloc
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
CreateFileW
IsProcessorFeaturePresent
WaitForSingleObjectEx
ResetEvent
SetEvent
CloseHandle
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
GetProcAddress
GetModuleHandleW
WideCharToMultiByte
EncodePointer
DecodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime

user32

GetMenuCheckMarkDimensions
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
PostQuitMessage
RegisterClassA
CreateWindowExA
ShowWindow
MoveWindow
UpdateWindow
IsDialogMessageA
CheckMenuRadioItem
FindWindowExA
GetParent
SetWindowLongA
GetWindowLongA
InflateRect
CopyRect
ClientToScreen
GetCursorPos
AdjustWindowRect
SetWindowTextA
BeginPaint
ReleaseDC
GetDC
AllowSetForegroundWindow
GetMenuItemInfoA
GetClientRect
EnableMenuItem
GetSystemMenu
GetSystemMetrics
GetKeyState
SetFocus
GetDialogBaseUnits
SendDlgItemMessageA
GetDlgItem
CreateDialogParamA
SetWindowPos
CallWindowProcA
SendMessageA
DrawFrameControl
EnumDesktopsA
LoadCursorA
GetWindowTextLengthA
GetWindowTextA

gdi32

SelectObject
GetStockObject
GetPixel
GetDeviceCaps
Ellipse
CreateEllipticRgn
CreateDCA
BitBlt
StretchBlt

comdlg32

GetOpenFileNameA

advapi32

CryptDecrypt
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptEncrypt
CryptDestroyKey
CryptDeriveKey
CryptReleaseContext

ole32

CreateStreamOnHGlobal

ws2_32

WSAStartup

netapi32

NetWkstaUserGetInfo

avifil32

AVIFileCreateStreamA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

shlwapi

PathFindOnPathA
StrToIntExA
PathFindSuffixArrayA

rpcrt4

I_RpcServerSetAddressChangeFn
RpcStringBindingComposeA

snmpapi

SnmpUtilIdsToA
SnmpUtilMemReAlloc
SnmpUtilOctetsCmp

tapi32

lineAddToConference
lineAddProviderW

Sections

.text
Size: 238KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d03c052972ee04d60fc3b75208044dc1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

ws2_32

netapi32

avifil32

version

shlwapi

rpcrt4

snmpapi

tapi32

Sections

.text Size: 238KB - Virtual size: 238KB

.rdata Size: 93KB - Virtual size: 92KB

.data Size: 6KB - Virtual size: 13KB

.gfids Size: 1024B - Virtual size: 596B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 102KB - Virtual size: 101KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 238KB - Virtual size: 238KB

.rdata
Size: 93KB - Virtual size: 92KB

.data
Size: 6KB - Virtual size: 13KB

.gfids
Size: 1024B - Virtual size: 596B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 102KB - Virtual size: 101KB

.reloc
Size: 13KB - Virtual size: 13KB