48cfbb10d7cfec67e737d376835132865e4d55db838793bc73f30132b5d04b6f

Sharing

Copy URL

Twitter E-mail

General

Target

48cfbb10d7cfec67e737d376835132865e4d55db838793bc73f30132b5d04b6f
Size

148KB
MD5

84cfcd3f0944567a7bd62b9ebcdea920
SHA1

e192e5db0a32955f06bddd9902d474502b17d248
SHA256

48cfbb10d7cfec67e737d376835132865e4d55db838793bc73f30132b5d04b6f
SHA512

c62c266ce3e04bcb7479986c9ff3cb58fb8f7742aef830b90bed2ed7cb1784d29f9f1c96558e8ead79b4fa5195022b5bab5c99dc433874a2ba161d37d395ea6c
SSDEEP

3072:E1Ep0kSXrt2roRC9VB6INm/6Q8BqPDGaH3InYeGj:rzSBZCVUL/c47GaqY

Score

N/A

Malware Config

Signatures

Files

48cfbb10d7cfec67e737d376835132865e4d55db838793bc73f30132b5d04b6f
.exe windows x86

38b253caa9618f9f2cee555ba722f884

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

esent

JetCloseTable

iphlpapi

GetBestInterface

rasapi32

RasValidateEntryNameW

cfgmgr32

CM_Get_Device_ID_Size_Ex

secur32

QuerySecurityPackageInfoW

mprapi

MprConfigInterfaceGetInfo

setupapi

SetupDiSetClassInstallParamsA
SetupDiEnumDriverInfoA

user32

CheckRadioButton
GetMenuCheckMarkDimensions
GetShellWindow
CharToOemW
UnhookWinEvent
UnregisterHotKey
MessageBoxExW
OemToCharA
SetMenuItemBitmaps
GetWindowInfo
GetDlgItem
TabbedTextOutW
GetMenuStringA

netapi32

NetLocalGroupAddMember

rpcrt4

NdrDcomAsyncClientCall
NdrConformantStringMarshall
RpcRevertToSelf
RpcRevertToSelfEx

ole32

StgOpenPropStg
OleCreateStaticFromData

gdi32

LineDDA
GetSystemPaletteEntries
UpdateColors
CreatePalette
GetFontLanguageInfo
CreateMetaFileA

urlmon

CreateAsyncBindCtx
GetClassFileOrMime

kernel32

SuspendThread
DecodePointer
FormatMessageA
GetProcAddress
ReadConsoleA
GetSystemWow64DirectoryA
GetExitCodeProcess
GetPrivateProfileStructA
GetVersionExW
CopyFileW
GetProfileStringW
ReleaseSemaphore
GetLongPathNameA
GetConsoleSelectionInfo
GetCurrentProcess
GetHandleInformation
Thread32First
GetLongPathNameW
GetVersion
DosDateTimeToFileTime

winspool.drv

EnumPrintProcessorDatatypesW
GetPrinterDriverW

oleaut32

VarBoolFromR4
VariantClear
VarCyFromUI2
VarI4FromStr

comctl32

ImageList_DrawEx

shlwapi

StrFromTimeIntervalW
AssocIsDangerous
StrCmpNA
IsCharSpaceA
PathIsContentTypeW

crypt32

CertGetPublicKeyLength
CryptFindOIDInfo

winmm

mmioGetInfo
midiOutOpen
waveOutClose

wininet

FindCloseUrlCache
GetUrlCacheEntryInfoW

shell32

SHGetFolderPathA
ShellAboutA

advapi32

CryptHashSessionKey
ReadEventLogW
RegCreateKeyA
GetSecurityDescriptorDacl
RegOpenKeyA
GetFileSecurityW
GetAclInformation

msvfw32

ICGetInfo

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

g1q1
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 564B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38b253caa9618f9f2cee555ba722f884

Headers

File Characteristics

Imports

esent

iphlpapi

rasapi32

cfgmgr32

secur32

mprapi

setupapi

user32

netapi32

rpcrt4

ole32

gdi32

urlmon

kernel32

winspool.drv

oleaut32

comctl32

shlwapi

crypt32

winmm

wininet

shell32

advapi32

msvfw32

Sections

.text Size: 76KB - Virtual size: 75KB

.data Size: 16KB - Virtual size: 15KB

.idata Size: 4KB - Virtual size: 3KB

g1q1 Size: 40KB - Virtual size: 39KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 564B

.text
Size: 76KB - Virtual size: 75KB

.data
Size: 16KB - Virtual size: 15KB

.idata
Size: 4KB - Virtual size: 3KB

g1q1
Size: 40KB - Virtual size: 39KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 564B