4dedf81bfb5b46a1e0684e37518f00f060e6e503dfb7c003d803b852be7ab647

Sharing

Copy URL

Twitter E-mail

General

Target

4dedf81bfb5b46a1e0684e37518f00f060e6e503dfb7c003d803b852be7ab647
Size

340KB
MD5

18f7d4a5e3d6f5069ecc4b00f32ef46d
SHA1

8aa8f940c6084c3d31c4f813d599725c3c47b309
SHA256

4dedf81bfb5b46a1e0684e37518f00f060e6e503dfb7c003d803b852be7ab647
SHA512

6f9446c86de8e484d18cacc20b056cd8b7fbb633ad73c7543f42a8d85626eaa94f6ac98a2acc84a4679453cbfe026d55e9226ed0954b10a62a3baa5ea3893095
SSDEEP

6144:ZYAwVrav70c4ypVPDlhy2tbZ/fifR7B/5/zM1v2k4Lqv8ifX1:aNrcwc4cty2//0l/wvP4Lqvjl

Score

N/A

Malware Config

Signatures

Files

4dedf81bfb5b46a1e0684e37518f00f060e6e503dfb7c003d803b852be7ab647
.exe windows x86

218ca2d525e1f7f27df1fa156c82780d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

LPSAFEARRAY_UserMarshal

msvcrt

labs
__iscsym
__dllonexit
_onexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_y0
_wctime64
exit

user32

InSendMessage
CreateIconFromResource
CreateIconFromResourceEx

mpr

WNetAddConnectionA
WNetConnectionDialog
WNetConnectionDialog1A

advapi32

RegQueryInfoKeyW
GetTrusteeTypeA
SetNamedSecurityInfoA
GetTrusteeFormA
LogonUserA
SetServiceObjectSecurity
RegSetValueExW
RegQueryInfoKeyA
GetServiceDisplayNameW
RegConnectRegistryA
ControlService
OpenServiceA
LsaQueryInformationPolicy
RegUnLoadKeyW
DeleteService
RegRestoreKeyW
EnumDependentServicesA
RegCreateKeyA
RegQueryValueW
RegCreateKeyW
RegNotifyChangeKeyValue
RegCloseKey
GetUserNameW
RegOpenKeyExW
CreateServiceW
StartServiceCtrlDispatcherW
ReportEventA
LsaFreeMemory
CreateProcessAsUserW
RegDeleteKeyA
RegSetValueA
DecryptFileW
QueryServiceLockStatusW

mfc42

ord2982
ord1060
ord3259
ord4465
ord1063
ord3262
ord2985
ord3081
ord2976
ord1051
ord1071
ord3831
ord3825
ord3079
ord4080
ord1168
ord1017
ord4424
ord3738
ord561
ord1576
ord5714
ord1040
ord5307
ord3830
ord1086
ord815
ord6375
ord4486
ord1072
ord1015
ord5731
ord3922
ord1089
ord1022
ord2396
ord1096
ord1001
ord5302
ord2725
ord1026

Sections

.text
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

218ca2d525e1f7f27df1fa156c82780d

Headers

File Characteristics

Imports

oleaut32

msvcrt

user32

mpr

advapi32

mfc42

Sections

.text Size: 172KB - Virtual size: 168KB

.rdata Size: 52KB - Virtual size: 48KB

.data Size: 56KB - Virtual size: 2.8MB

.rsrc Size: 56KB - Virtual size: 54KB

.text
Size: 172KB - Virtual size: 168KB

.rdata
Size: 52KB - Virtual size: 48KB

.data
Size: 56KB - Virtual size: 2.8MB

.rsrc
Size: 56KB - Virtual size: 54KB