4f431be22b49fef245353a3f2ff07b395a6e264751f9a625ae6e98fb6e025ceb

Sharing

Copy URL

Twitter E-mail

General

Target

4f431be22b49fef245353a3f2ff07b395a6e264751f9a625ae6e98fb6e025ceb
Size

166KB
MD5

9bb091b65df0dfcb2628ed9c22470ab8
SHA1

9d8d6f1a38e2338e7ab638a65d6032041a86fa43
SHA256

4f431be22b49fef245353a3f2ff07b395a6e264751f9a625ae6e98fb6e025ceb
SHA512

0eabab08493381ac5618c26f2ba9d584b817f421896f78fb01e6955e4c52142abd8fcc6b691eb0345cd91f18ca1911808ed9ecd63238ff26c672ab392c362168
SSDEEP

3072:wunP7XvFj6GqpsFSdZwIRPl7rss+6PQcq14v7twbXAX5qcpyWyVUzxHdJqWRkqE:7nTXvFjUpjZF7rss+QQcquy

Score

N/A

Malware Config

Signatures

Files

4f431be22b49fef245353a3f2ff07b395a6e264751f9a625ae6e98fb6e025ceb
.exe windows x86

437e1bf09ca1e8beac407d233fa4e02c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_SYSTEM

Imports

oleaut32

LoadTypeLibEx
LoadRegTypeLi
VarCyMulI4

advapi32

DecryptFileW
EnumServicesStatusExW
GetCurrentHwProfileW
CryptHashSessionKey
GetServiceDisplayNameA
IsTextUnicode
LookupPrivilegeDisplayNameW
GetSidIdentifierAuthority
GetPrivateObjectSecurity
GetSidSubAuthorityCount
GetFileSecurityA
LookupPrivilegeNameW
LookupAccountNameA
GetCurrentHwProfileA
GetSecurityDescriptorControl
GetTokenInformation
InitiateSystemShutdownA
GetFileSecurityW
GetUserNameA

winspool.drv

FindClosePrinterChangeNotification
DeletePrinter
DeletePrinterDriverW

msvcrt

strcspn
fwrite
ungetwc
system
mbtowc
fgetws
towupper
strncmp

ole32

CoUninitialize
CoInitializeEx
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoInitialize

clusapi

GetClusterFromResource

wininet

FindNextUrlCacheGroup
DeleteUrlCacheEntryW
FindCloseUrlCache
GetUrlCacheEntryInfoA
FindFirstUrlCacheEntryW
InternetGoOnline

secur32

FreeCredentialsHandle

shlwapi

GetMenuPosFromID

user32

EnumWindows
LockWorkStation
GetRawInputDeviceInfoW
DrawTextW
GetScrollInfo
GetProcessDefaultLayout
CreateWindowExW
GetWindowTextLengthW
IsClipboardFormatAvailable
InsertMenuItemA
SetWindowPlacement
InvalidateRect
MoveWindow
SetWindowLongW
MessageBeep
GetClipboardViewer
GetMenuCheckMarkDimensions
LoadImageA
CharNextW
GetMenuStringA
GetWindowRect
GetWindowRgn
GetMenuStringW
GetForegroundWindow
GetCapture
LookupIconIdFromDirectoryEx
SetCursor
DialogBoxParamW
GetSystemMenu
FillRect
OpenClipboard
GetUpdateRect
RegisterClassExW
EnableMenuItem
GetMessageW
EnumWindowStationsA
DrawStateW
GetSystemMetrics
DrawFocusRect
FindWindowW
SetForegroundWindow
DefMDIChildProcA
GetClassInfoExA
FreeDDElParam
DrawIcon
FlashWindow
GetMenuState
FindWindowExW
LoadCursorW
DeleteMenu
LoadImageW
PostQuitMessage
GetKeyboardLayout
SetActiveWindow
CloseClipboard
GetShellWindow
GetPriorityClipboardFormat
GetSubMenu
LoadAcceleratorsW
LockWindowUpdate
SendMessageW
LoadIconW
DefWindowProcW
CharUpperW
DestroyMenu
GetMessageExtraInfo
GetCursorInfo
IsRectEmpty
GetMessageA
UpdateWindow
RegisterWindowMessageW
GetWindowLongW
GetWindowLongA
GetDlgItem
CheckMenuItem
SetScrollPos
LockSetForegroundWindow
GetSysColorBrush
GetScrollPos
GetComboBoxInfo
DestroyWindow
IsIconic
GetWindowTextW
CreateDialogParamW
LoadKeyboardLayoutW
GetWindowPlacement
DestroyCursor
EnableWindow
PeekMessageW
LoadMenuIndirectA
SetWindowPos
IsWindowUnicode
CreateIconFromResource
RemoveClipboardFormatListener
DestroyCaret

shell32

ExtractIconExA
ExtractAssociatedIconA
ExtractIconA

mscms

GetColorProfileHeader
GetColorDirectoryW
GetColorProfileElement

gdi32

GetRegionData
GetTextFaceW
GetCharWidthFloatA
GetCurrentPositionEx
GetViewportOrgEx
GetTextExtentExPointI
GetBkColor
GdiSetBatchLimit
GetRasterizerCaps
ExtSelectClipRgn
DescribePixelFormat
GetLogColorSpaceA
GetTextExtentExPointW
ExtEscape
GetOutlineTextMetricsA
GetClipBox
DeleteColorSpace
GetTextCharset
GetTextExtentPointA
GetFontData
GetCharWidthW
GetTextCharsetInfo
GetPolyFillMode
GetLayout

kernel32

GetSystemInfo
GetProfileStringW
EraseTape
GetCommProperties
ExpandEnvironmentStringsA
GetPrivateProfileSectionNamesW
GetFileAttributesExW
FindNLSString
EnumSystemCodePagesA
FindFirstFileExW
FindVolumeClose
FindActCtxSectionStringW
lstrcmpW
WriteProfileStringA
GetSystemWindowsDirectoryA
GetSystemTime
GetWindowsDirectoryA
lstrcpynA
GetVolumePathNameW
GetSystemDirectoryA
FindNextFileA
GetProfileSectionA
GetPrivateProfileStringA
GetPrivateProfileStructW
GlobalUnlock
GlobalAlloc
FreeConsole
FormatMessageW
GlobalGetAtomNameA
FileTimeToDosDateTime
GetComputerNameExW
GetCommTimeouts
GetPrivateProfileSectionA
GetSystemPowerStatus
GetDiskFreeSpaceExA
WriteProfileSectionA
LocalFree
GetModuleFileNameW
GetFileAttributesA
GetStringTypeExW
GetFileInformationByHandle
GetCompressedFileSizeA
GetConsoleDisplayMode
WriteProfileStringW
GetConsoleOutputCP
GetPrivateProfileSectionW
VirtualAlloc
GetCurrentProcess
IsWow64Process
Wow64DisableWow64FsRedirection
GetTempFileNameW
LoadLibraryExW
DeactivateActCtx
GetCurrentDirectoryA
GetTempFileNameA
lstrcatW
LoadLibraryW
FindAtomW
FreeLibraryAndExitThread
InterlockedExchange
GlobalFree
GetCurrencyFormatW
HeapAlloc
lstrcpynW
CreateFileMappingW
GlobalAddAtomW
GetThreadSelectorEntry
VirtualQuery
GetFileAttributesW
UnmapViewOfFile
GlobalFindAtomA
DefineDosDeviceW
GetFileSizeEx
CreateThread
GetLocalTime
MapViewOfFile
GetShortPathNameA
GetTimeFormatW
GlobalLock
GetConsoleCursorInfo
FlsGetValue
GetFileType
SetErrorMode
QueryIdleProcessorCycleTime
GetConsoleMode
GetModuleHandleA
EnumSystemGeoID
Wow64RevertWow64FsRedirection
GlobalAddAtomA
GlobalHandle
FindNextVolumeW
GetProcessHeap
VirtualFree
FindResourceExA
GetAtomNameA
EnumResourceNamesW
GetDateFormatW
MultiByteToWideChar
GetUserDefaultUILanguage
LocalAlloc
EscapeCommFunction
FindResourceA
HeapFree
GetUserDefaultLangID
DeviceIoControl
GetAtomNameW
GetTapeStatus

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CODE
Size: 111KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CONST
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 744B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

437e1bf09ca1e8beac407d233fa4e02c

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

advapi32

winspool.drv

msvcrt

ole32

clusapi

wininet

secur32

shlwapi

user32

shell32

mscms

gdi32

kernel32

Sections

.text Size: 45KB - Virtual size: 44KB

CODE Size: 111KB - Virtual size: 119KB

CONST Size: 8KB - Virtual size: 7KB

.rsrc Size: 1024B - Virtual size: 744B

.text
Size: 45KB - Virtual size: 44KB

CODE
Size: 111KB - Virtual size: 119KB

CONST
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 1024B - Virtual size: 744B