48b4f13768770636b1cdedbca6b9e6daeced951097ef8aaf70c9ae1fc3b9a4a5

Sharing

Copy URL

Twitter E-mail

General

Target

48b4f13768770636b1cdedbca6b9e6daeced951097ef8aaf70c9ae1fc3b9a4a5
Size

215KB
MD5

82d54850089a2cdfb0e39cff0f06f3d7
SHA1

971d3e3918bc018a7f80595097335bffce398157
SHA256

48b4f13768770636b1cdedbca6b9e6daeced951097ef8aaf70c9ae1fc3b9a4a5
SHA512

ff68347e6d219850dca473d0735ab8d8fa873f23b7d78220e0c30129395d4868e074e161253ccf59cbb67be2e173cdb1ba70a30512f73623f6ac806713b76ccf
SSDEEP

3072:Am4uEoWDFKDNJKjmTmIAkmZjQ+3S4mbbRNUoxWg6Cr1mwSmuu6Tm2ddAyFnOTR6r:aoe8NUjE/+i4+bRD2Cr1juu6CanOG3v

Score

N/A

Malware Config

Signatures

Files

48b4f13768770636b1cdedbca6b9e6daeced951097ef8aaf70c9ae1fc3b9a4a5
.exe windows x86

932e65230e23ec17a2e28c2c9b269464

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

EnumFontFamiliesA
CloseMetaFile
CreateEnhMetaFileA
OffsetRgn
SetArcDirection
CreateDIBSection
DeleteObject
CreatePolyPolygonRgn
GetSystemPaletteUse
UpdateColors
SetSystemPaletteUse

kernel32

MoveFileExA
OpenSemaphoreW
GlobalFree
FatalAppExitA
SetCurrentDirectoryA
GetSystemDirectoryW
FlushFileBuffers
GetModuleFileNameW
LoadLibraryExW
GlobalGetAtomNameW
GetWindowsDirectoryA
PeekNamedPipe
VirtualAllocEx
GetSystemTime
GetCurrentProcessId
FindFirstFileW
GetProcessTimes
EndUpdateResourceA
FreeLibrary
lstrcpynA
UnmapViewOfFile
RemoveDirectoryW
GlobalUnlock
GetOverlappedResult
SetCommMask
GetCurrentProcess
GetShortPathNameA
GetCommandLineA
VirtualAlloc
ExitProcess

advapi32

QueryServiceStatus
RegDeleteKeyA
CreatePrivateObjectSecurity
CryptGetUserKey
GetNamedSecurityInfoW
ImpersonateNamedPipeClient
AllocateAndInitializeSid
GetSidSubAuthority
RegLoadKeyA
CryptExportKey
AdjustTokenPrivileges
OpenServiceW
AddAccessDeniedAce
NotifyChangeEventLog
AbortSystemShutdownA
RegisterEventSourceW
CreateServiceW

user32

UpdateWindow
GetClassInfoExA
AppendMenuW
RedrawWindow
NotifyWinEvent

version

VerFindFileA
GetFileVersionInfoSizeA
VerInstallFileA

oleaut32

SysFreeString
QueryPathOfRegTypeLi
LoadTypeLibEx
VariantChangeType
VariantCopy

ws2_32

WSAHtons
htonl
WSAUnhookBlockingHook
WSAGetLastError
getprotobyname
WSALookupServiceBeginA
WSADuplicateSocketA
getservbyname
WSAResetEvent
WSACancelAsyncRequest
getsockname
gethostname
WSARecvFrom

ole32

CoCreateInstanceEx
CoGetInterfaceAndReleaseStream
CreateBindCtx

shell32

SHGetSettings

msvcrt

_endthreadex
printf
_stat
_setmode
wscanf
_wpopen
_wtol
remove
ctime
strchr
iswdigit
isalnum
_mbscpy
wcstol
_wcsnicmp
fgetws
realloc
getc
tmpnam
signal

Sections

.text
Size: 190KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

932e65230e23ec17a2e28c2c9b269464

Headers

File Characteristics

Imports

gdi32

kernel32

advapi32

user32

version

oleaut32

ws2_32

ole32

shell32

msvcrt

Sections

.text Size: 190KB - Virtual size: 189KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 21KB - Virtual size: 20KB

.text
Size: 190KB - Virtual size: 189KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 21KB - Virtual size: 20KB