4dd92acabaf20c9749713447692a0f91dc672b960cb7e2fcdc6e018960d90caf

Sharing

Copy URL

Twitter E-mail

General

Target

4dd92acabaf20c9749713447692a0f91dc672b960cb7e2fcdc6e018960d90caf
Size

211KB
MD5

35e92fe30af505779b26a7b877eb0f70
SHA1

9936ba4740f138abb49f07d282ee18b5997ba648
SHA256

4dd92acabaf20c9749713447692a0f91dc672b960cb7e2fcdc6e018960d90caf
SHA512

a8342cf4bd5f7b1bcc72687df083017672c0421f45d2973f48bafa03f7a07a19e6aef07777b93d41b27f59b738ae12126d0a351b07b8b82ad6bd5d2eb48a5ef9
SSDEEP

3072:6vGRRUilA66/q1rq8gIpHKQgcyV5THulOr8h52oigI75ehCb2dbLriMos/C:6vyRUiF99q8gIkDc26lOSC

Score

N/A

Malware Config

Signatures

Files

4dd92acabaf20c9749713447692a0f91dc672b960cb7e2fcdc6e018960d90caf
.exe windows x86

ea2e95008116eb33ba06c193e4059804

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleCreateLinkFromData

avifil32

AVIStreamInfoW

advapi32

IsTokenRestricted
LogonUserW
ReportEventW
ImpersonateSelf

shlwapi

StrStrIW
StrChrA

kernel32

ApplicationRecoveryInProgress
GetOverlappedResult
IsProcessorFeaturePresent
CreateToolhelp32Snapshot
OpenEventW
lstrlenA
GetTimeFormatA
GetAtomNameW
GetModuleHandleW
OpenFileById
GetBinaryTypeA
FlushProcessWriteBuffers
CancelSynchronousIo
Sleep
ResumeThread
SleepEx
GetOEMCP

cfgmgr32

CM_Get_DevNode_Custom_PropertyW

oleaut32

VarCyMul

secur32

QueryContextAttributesW

urlmon

HlinkSimpleNavigateToString
CoInternetIsFeatureEnabled

ntdsapi

DsBindWithCredW
DsFreeDomainControllerInfoW

wininet

InternetInitializeAutoProxyDll
FindCloseUrlCache

setupapi

SetupGetFileCompressionInfoW

msvcrt

_time64
_localtime64

user32

GetMenuItemID
LogicalToPhysicalPoint
DdeSetUserHandle
LockSetForegroundWindow
InsertMenuItemA
DdeCreateDataHandle
UpdateWindow
GetScrollInfo
wsprintfA
DestroyWindow

ws2_32

WSAGetOverlappedResult

rpcrt4

I_RpcSend
RpcStringFreeW

gdi32

DeleteEnhMetaFile
RoundRect
GdiSetBatchLimit
RestoreDC
GetViewportExtEx

netapi32

NetUserGetLocalGroups

winscard

SCardBeginTransaction
SCardSetCardTypeProviderNameA

Sections

.text
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea2e95008116eb33ba06c193e4059804

Headers

DLL Characteristics

File Characteristics

Imports

ole32

avifil32

advapi32

shlwapi

kernel32

cfgmgr32

oleaut32

secur32

urlmon

ntdsapi

wininet

setupapi

msvcrt

user32

ws2_32

rpcrt4

gdi32

netapi32

winscard

Sections

.text Size: 163KB - Virtual size: 162KB

.text Size: 3KB - Virtual size: 10KB

.crt Size: 4KB - Virtual size: 3KB

.rsrc Size: 40KB - Virtual size: 40KB

.text
Size: 163KB - Virtual size: 162KB

.text
Size: 3KB - Virtual size: 10KB

.crt
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 40KB - Virtual size: 40KB