4ba9c14e8123fd90208e8d4abfba407aa1832055acc64451c120d17d179b6af3

Sharing

Copy URL

Twitter E-mail

General

Target

4ba9c14e8123fd90208e8d4abfba407aa1832055acc64451c120d17d179b6af3
Size

2.6MB
MD5

88aaabfa7462cf22c521309a75c8b077
SHA1

983a0b0f77c80f0deb3771377041d9f070fa66c1
SHA256

4ba9c14e8123fd90208e8d4abfba407aa1832055acc64451c120d17d179b6af3
SHA512

de7017ef3c09c2b08d7e1752d5aeb68c3fc6bf3e9bd839998ec82e9e0c6bf99665902a5fb19960fb1ef3098229214b2310d2ea0dfd3e1d4f6904d6fc6d2b17fc
SSDEEP

49152:3fUFLY1XynWjZtnENylA4tKz7Dy+hiEoUU2aWQ0CO:vO2ynWNtENylA4tCDZiiU2aJ0CO

Score

N/A

Malware Config

Signatures

Files

4ba9c14e8123fd90208e8d4abfba407aa1832055acc64451c120d17d179b6af3
.exe windows x86

0e1b2afa0f91f3d092ff1e74bb5e3905

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
lstrcpyA
lstrcpy
lstrcmpiA
WritePrivateProfileStructA
GetModuleHandleW
VerLanguageNameA
UnhandledExceptionFilter
TerminateProcess
SetUnhandledExceptionFilter
SetThreadAffinityMask
SetCommConfig
QueueUserAPC
QueryPerformanceCounter
MultiByteToWideChar
LocalFree
LocalAlloc
LoadLibraryExW
GlobalCompact
GetWindowsDirectoryA
GetTickCount
GetSystemTimeAsFileTime
GetStartupInfoA
GetProcessVersion
GetModuleHandleA
GetModuleFileNameW
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
FormatMessageW
FindNextVolumeMountPointA
EnumSystemLanguageGroupsW
EndUpdateResourceW
CreateRemoteThread
VirtualAlloc

user32

GetDC
IsIconic
GetLastActivePopup
LoadIconA
LoadCursorW
CharLowerW
CharUpperW
IsMenu
GetProcessWindowStation
GetWindowTextLengthW
GetMenu
GetMenuContextHelpId
GetMessageExtraInfo
GetShellWindow
GetClipboardSequenceNumber
GetDlgCtrlID
GetDialogBaseUnits
IsCharLowerW
AppendMenuW
CharLowerBuffA
DdeQueryStringA
DrawIcon
EnumDisplayDevicesW
EnumPropsExW
GetClientRect
GetClipboardFormatNameA
GetComboBoxInfo
GetTabbedTextExtentA
RegisterClassW
SetCapture
SetCursorPos
SetDlgItemTextW
SetFocus
SetMenuContextHelpId
SetSysColors
SetWindowLongA
ToUnicode
GetMessagePos

gdi32

CreateScalableFontResourceA
CreateFontW
CreateEllipticRgn
CreateDIBSection
CreateCompatibleBitmap
ColorMatchToTarget
AddFontResourceW
CreateMetaFileW
GetTextCharset
CreatePatternBrush
CloseEnhMetaFile
DeleteDC
FillPath
CreateScalableFontResourceW
GetStockObject
WidenPath
GetMapMode
FONTOBJ_cGetAllGlyphHandles
FontIsLinked
GdiConvertAndCheckDC
GdiConvertFont
GdiInitSpool
GdiSetBatchLimit
GetCharABCWidthsFloatA
GetDCBrushColor
GetEnhMetaFileBits
GetEnhMetaFileDescriptionW
GetEnhMetaFilePaletteEntries
EndPath
EngPlgBlt
EngReleaseSemaphore
EngStretchBltROP
EngWideCharToMultiByte
EnumFontFamiliesExA
ExtCreatePen
CreateSolidBrush
GdiIsPlayMetafileDC
StrokeAndFillPath
StartFormPage
SetRelAbs
SetMetaRgn
SetLayoutWidth
SetBitmapBits
RoundRect
RemoveFontMemResourceEx
PlgBlt
OffsetViewportOrgEx
GetWinMetaFileBits
GetTextFaceA
GetTextExtentExPointI
GetPaletteEntries
GetMetaRgn
GetMetaFileW
GetLayout
ExtCreateRegion

advapi32

RegQueryValueExA
ConvertStringSidToSidW
LookupAccountNameW
LookupAccountSidW
RegCloseKey
RegEnumValueW
RegOpenKeyExW
RegOpenKeyA

shell32

SHEmptyRecycleBinA
ShellExecuteW
ShellExecuteEx
ShellExecuteA
SHPathPrepareForWriteW
SHLoadInProc
DragQueryPoint
DuplicateIcon
ExtractAssociatedIconExW
ExtractAssociatedIconW
ExtractIconA
ExtractIconExA
ExtractIconW
FindExecutableA
FindExecutableW
SHCreateDirectoryExA
SHEmptyRecycleBinW
SHFileOperationA
SHFileOperationW
SHGetDataFromIDListA
SHGetDesktopFolder
SHGetFolderPathA
SHGetFolderPathW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
SHIsFileAvailableOffline
Shell_NotifyIcon

ole32

CoInitializeEx
CoRegisterSurrogateEx
CoUninitialize
CLSIDFromString

shlwapi

StrRStrIA
StrCmpNIA
StrCmpNA
StrStrA
StrChrIW

msvcrt

_exit
wprintf
wcsncpy
wcslen
wcschr
_XcptFilter
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
__winitenv
_acmdln
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_initterm
_iob
_wcsicmp
_wcsnicmp
_wfopen
exit
fgetwc
fgetws
fwprintf
memcpy
memset
rewind
setlocale

Sections

.text
Size: 1.9MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 596KB - Virtual size: 595KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e1b2afa0f91f3d092ff1e74bb5e3905

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

msvcrt

Sections

.text Size: 1.9MB - Virtual size: 1.8MB

.rdata Size: 596KB - Virtual size: 595KB

.data Size: 88KB - Virtual size: 88KB

.rsrc Size: 41KB - Virtual size: 41KB

.text
Size: 1.9MB - Virtual size: 1.8MB

.rdata
Size: 596KB - Virtual size: 595KB

.data
Size: 88KB - Virtual size: 88KB

.rsrc
Size: 41KB - Virtual size: 41KB