4cefd600d958f0b88eef1cef0729713693c334263f71f01edcfb39f26c9bc634

Sharing

Copy URL

Twitter E-mail

General

Target

4cefd600d958f0b88eef1cef0729713693c334263f71f01edcfb39f26c9bc634
Size

345KB
MD5

8161fc66fb09497071bdf39fe02ddb48
SHA1

1da039dacd62ac0f7816fc0251ab23106d5debc1
SHA256

4cefd600d958f0b88eef1cef0729713693c334263f71f01edcfb39f26c9bc634
SHA512

f2416baa41f0efb9136d4ce63bc8d9f529f0e1e7b05234c399025576f7d05db47507b123d92e9f225ffaf5a0d119d9dc980f65c7d8918a78cc04ac97da2f028c
SSDEEP

6144:CKtlvCLZG/ea9n1vzZQF4eUJroRnxsssxSQ:CKrv0ZGG872F7U9InWssxSQ

Score

N/A

Malware Config

Signatures

Files

4cefd600d958f0b88eef1cef0729713693c334263f71f01edcfb39f26c9bc634
.exe windows x86

f13c396da56f13240f7215ab8c0d1ebf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowRect
GetWindowPlacement
BeginPaint
RegisterClassA
CreateIconIndirect
CreateMenu
CreatePopupMenu
CreateWindowExW
DefWindowProcA
DefWindowProcW
DestroyCaret
DestroyMenu
DestroyWindow
DispatchMessageA
DrawEdge
DrawFocusRect
DrawFrameControl
DrawMenuBar
EmptyClipboard
EnableWindow
EnumWindows
FillRect
GetAsyncKeyState
GetCapture
GetClassLongA
GetClipboardData
GetClipboardOwner
GetCursorPos
GetDesktopWindow
GetFocus
GetForegroundWindow
GetKeyState
GetKeyboardLayout
GetMenuCheckMarkDimensions
GetMenuItemCount
GetMessageA
GetSysColor
GetSysColorBrush
GetWindow
GetWindowLongA
GetWindowTextW
InsertMenuA
InsertMenuW
InvalidateRect
IsClipboardFormatAvailable
IsIconic
IsWindow
IsWindowVisible
KillTimer
LoadBitmapA
LoadCursorFromFileA
LoadIconA
MapVirtualKeyA
MessageBeep
MessageBoxA
MessageBoxW
MsgWaitForMultipleObjectsEx
OpenClipboard
PeekMessageA
PostMessageA
PostQuitMessage
RegisterClassExA
RegisterClassW
ReleaseCapture
ShowWindowAsync
IsCharAlphaNumericA
OpenIcon
ArrangeIconicWindows
InSendMessage
WindowFromDC
GetMessagePos
RegisterHotKey
GetSystemMenu
IsZoomed
GetComboBoxInfo
IsChild
GetLayeredWindowAttributes
ExitWindowsEx
MsgWaitForMultipleObjects
CharPrevA
LoadStringA
SetCursor
GetParent
GetSystemMetrics
GetClientRect
GetWindowTextLengthA
GetWindowTextA
GetDC
ReleaseDC
SendMessageA
MoveWindow
CreateWindowExA
DestroyIcon
DrawIcon
EndPaint
LoadCursorA
SetWindowTextA
GetAltTabInfoA

ole32

CreateBindCtx
CreateFileMoniker
GetRunningObjectTable

gdi32

GetDCPenColor
GetTextFaceA
CreateEllipticRgn
PlayMetaFile
SetROP2
GetBoundsRect
ColorMatchToTarget
PtVisible
CreatePen
GetClipRgn
GetDCBrushColor
SetMiterLimit
FlattenPath
SetBitmapDimensionEx
FillRgn
DeleteDC
CreateDiscardableBitmap
GetObjectA
GetCharABCWidthsW
GetWindowOrgEx
StrokePath
GetStretchBltMode
ResetDCW

netapi32

NetConnectionEnum

kernel32

InterlockedDecrement
InterlockedIncrement
SetHandleCount
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
VirtualFree
HeapCreate
GetModuleHandleW
HeapReAlloc
BuildCommDCBA
BuildCommDCBW
ClearCommError
CopyFileA
CopyFileW
CreateDirectoryW
CreateEventA
CreateFileMappingA
CreateFileW
CreatePipe
CreateProcessW
CreateSemaphoreA
CreateThread
DeleteCriticalSection
DeleteFileW
DeviceIoControl
DuplicateHandle
EnterCriticalSection
EscapeCommFunction
ExitProcess
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FormatMessageA
GetACP
GetCommModemStatus
GetCommState
GetCommandLineA
GetComputerNameA
GetComputerNameW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentThreadId
GetEnvironmentVariableA
GetEnvironmentVariableW
GetExitCodeThread
GetFileAttributesW
GetFileInformationByHandle
GetFullPathNameA
GetFullPathNameW
GetLogicalDriveStringsA
GetModuleFileNameW
GetModuleHandleA
GetOverlappedResult
GetProcessHeap
GetShortPathNameA
GetShortPathNameW
GetStartupInfoA
GetStdHandle
GetSystemTimeAsFileTime
GetTempFileNameW
GetTempPathW
GetTimeZoneInformation
GetVersion
GetVolumeInformationA
GetVolumeInformationW
GetWindowsDirectoryW
HeapAlloc
HeapFree
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
RtlUnwind
GetCPInfo
GetOEMCP
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetConsoleOutputCP
SetStdHandle
HeapSize
LCMapStringA
LCMapStringW
FindResourceA
CreateFileA
IsDBCSLeadByte
LeaveCriticalSection
FlushFileBuffers
IsBadCodePtr
SetUnhandledExceptionFilter
GetFileType
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
IsBadReadPtr
_lclose
GetDiskFreeSpaceA
CreateProcessA
GlobalAlloc
GetExitCodeProcess
lstrcatA
GetSystemInfo
lstrcpyA
lstrlenA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetTempFileNameA
GetWindowsDirectoryA
SetErrorMode
GetTempPathA
GetPrivateProfileIntA
lstrcmpiA
GetModuleFileNameA
GetTickCount
GetUserDefaultLCID
GlobalFree
GlobalUnlock
GlobalHandle
GetLocaleInfoA
GetCurrentThread
GetCurrentProcess
VerLanguageNameA
GetProcAddress
DeleteFileA
RemoveDirectoryA
GetFileAttributesA
CreateDirectoryA
GetDriveTypeA
OpenFile
GlobalLock
FreeLibrary
LoadLibraryA
CloseHandle
IsValidCodePage
SetFilePointer
WriteFile
ReadFile
GetVersionExA
GetLastError
CreateMemoryResourceNotification
SetProcessShutdownParameters
PostQueuedCompletionStatus
PrepareTape
GetProcessHandleCount
CancelWaitableTimer
GetTapeStatus
LocalShrink
TlsSetValue
AssignProcessToJobObject
lstrlenW
lstrcpynA
lstrcpyW
WriteConsoleW
WriteConsoleA
WideCharToMultiByte
WaitForSingleObjectEx
WaitForSingleObject
WaitForMultipleObjects
VirtualQuery
VirtualProtect
UnmapViewOfFile
TlsGetValue
TlsFree
TlsAlloc
TerminateThread
Sleep
SetupComm
SetThreadPriority
SetLastError
SetHandleInformation
SetFileTime
SetFileAttributesW
SetFileAttributesA
SetEvent
SetEndOfFile
SetCurrentDirectoryW
SetCurrentDirectoryA
SetConsoleMode
SetCommTimeouts
SetCommState
SearchPathW
SearchPathA
ResetEvent
RemoveDirectoryW
ReleaseSemaphore
ReadConsoleW
ReadConsoleA
QueryPerformanceFrequency
QueryPerformanceCounter
PurgeComm
PeekNamedPipe
PeekConsoleInputA
OutputDebugStringA
MulDiv
MoveFileW
MoveFileA
MapViewOfFile
LockResource
LocalFree
LoadResource
LoadLibraryExW
LoadLibraryExA

Sections

.oluikjh
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ikujyhg
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.jtyhgfr
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 206KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f13c396da56f13240f7215ab8c0d1ebf

Headers

DLL Characteristics

File Characteristics

Imports

user32

ole32

gdi32

netapi32

kernel32

Sections

.oluikjh Size: 9KB - Virtual size: 8KB

.ikujyhg Size: 3KB - Virtual size: 2KB

.jtyhgfr Size: 2KB - Virtual size: 2KB

.text Size: 95KB - Virtual size: 94KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 13KB - Virtual size: 344KB

.rsrc Size: 206KB - Virtual size: 206KB

.oluikjh
Size: 9KB - Virtual size: 8KB

.ikujyhg
Size: 3KB - Virtual size: 2KB

.jtyhgfr
Size: 2KB - Virtual size: 2KB

.text
Size: 95KB - Virtual size: 94KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 13KB - Virtual size: 344KB

.rsrc
Size: 206KB - Virtual size: 206KB