4ea468d8b8015903bba0103eec44f772492a93c3d345d81bae253a492d8b1f51

Sharing

Copy URL

Twitter E-mail

General

Target

4ea468d8b8015903bba0103eec44f772492a93c3d345d81bae253a492d8b1f51
Size

424KB
MD5

627e7f4f2a1e8436da14489e7215b7da
SHA1

d72ecb51d1a6a0f18f0939c37ed06a0b90b50a0e
SHA256

4ea468d8b8015903bba0103eec44f772492a93c3d345d81bae253a492d8b1f51
SHA512

da583a7ff28f0aa65ac360e66717e7b53fe911cdabc592fde03e914b21cb18f703c45f3f59045f32af4f686bec841651849f97ddfd2e4155f1577b12b35f9c97
SSDEEP

6144:yHBKR8zpzWdU9V8EAQbsnwyv+U91PoxqHEwoXbftChXW3AxfulDGgB:qhzoO9KEAQbszmSdH6blCJxfS6

Score

N/A

Malware Config

Signatures

Files

4ea468d8b8015903bba0103eec44f772492a93c3d345d81bae253a492d8b1f51
.exe windows x86

90c891e10741aa42317884a3d3bb486a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

comdlg32

PageSetupDlgW
ChooseColorA

msvcrt

memcpy
wcstoul
isalnum

oleaut32

VarCyFromI1

user32

wsprintfW

setupapi

SetupBackupErrorA

ntdsapi

DsFreeSpnArrayA

pdh

PdhGetCounterInfoW

urlmon

CoInternetCombineUrl

ole32

HMENU_UserUnmarshal

imm32

ImmDestroyContext

kernel32

GlobalMemoryStatusEx
SetFilePointerEx
GetModuleFileNameA
DeleteTimerQueue
CreateThread
GetFirmwareEnvironmentVariableA
GetTapeStatus
SetFirmwareEnvironmentVariableA
HeapWalk

clusapi

OpenCluster

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ordo
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.t
Size: 4KB - Virtual size: 46B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 367KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mrt1
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90c891e10741aa42317884a3d3bb486a

Headers

File Characteristics

Imports

comdlg32

msvcrt

oleaut32

user32

setupapi

ntdsapi

pdh

urlmon

ole32

imm32

kernel32

clusapi

Sections

.text Size: 12KB - Virtual size: 10KB

ordo Size: 4KB - Virtual size: 1KB

.t Size: 4KB - Virtual size: 46B

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 100KB - Virtual size: 367KB

.mrt1 Size: 100KB - Virtual size: 97KB

CODE Size: 100KB - Virtual size: 97KB

.rsrc Size: 96KB - Virtual size: 94KB

.text
Size: 12KB - Virtual size: 10KB

ordo
Size: 4KB - Virtual size: 1KB

.t
Size: 4KB - Virtual size: 46B

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 100KB - Virtual size: 367KB

.mrt1
Size: 100KB - Virtual size: 97KB

CODE
Size: 100KB - Virtual size: 97KB

.rsrc
Size: 96KB - Virtual size: 94KB