29784444452b3979641cd1c33f88f26c6a65d918c16af7502556fe2b6ad2eb46

Sharing

Copy URL

Twitter E-mail

General

Target

29784444452b3979641cd1c33f88f26c6a65d918c16af7502556fe2b6ad2eb46
Size

833KB
MD5

74f174bfa3ba25dfe4a90805aaafb6a0
SHA1

f58c5350e51b1151d95df742db808768b1f861f7
SHA256

29784444452b3979641cd1c33f88f26c6a65d918c16af7502556fe2b6ad2eb46
SHA512

b371e2e1ed1257d013bf68c75cf8b5d6b363b0f2b6f8151aa14402e9baf72d69a7aece0c9d9184909400aa02e546ef11f03b1e4d37815c6aff1d32fa73827c62
SSDEEP

12288:4jmPS3MwLfDwXD829YrLybVDElYf1Oziy8NZ/BQTidvWWN5eLsp:4jmPfkrY+rLyhDEl01Oziy8xQTi9K4

Score

N/A

Malware Config

Signatures

Files

29784444452b3979641cd1c33f88f26c6a65d918c16af7502556fe2b6ad2eb46
.exe windows x86

49db8eaa22322573f630ec348e88b350

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventW
WaitForMultipleObjects
CancelIo
IsDebuggerPresent
QueryPerformanceFrequency
DeleteCriticalSection
GetCurrentThreadId
SetThreadAffinityMask
CloseHandle
FindResourceW
LoadResource
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
SizeofResource
MultiByteToWideChar
lstrlenW
RaiseException
lstrcmpiW
CreateThread
lstrlenA
InterlockedIncrement
InterlockedDecrement
OpenProcess
WideCharToMultiByte
WriteConsoleW
SetEnvironmentVariableA
CompareStringW
SetStdHandle
GetConsoleMode
GetConsoleCP
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
EnterCriticalSection
GetCurrentProcessId
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetLocaleInfoW
HeapSize
GetFileType
GetStdHandle
HeapCreate
GetStringTypeW
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
LCMapStringW
RtlUnwind
GetCPInfo
GetStartupInfoW
HeapSetInformation
GetSystemTimeAsFileTime
HeapReAlloc
GetTimeZoneInformation
ExitThread
HeapAlloc
HeapFree
DecodePointer
EncodePointer
InterlockedExchange
GetProcAddress
GetLastError
FlushFileBuffers
DisconnectNamedPipe
GlobalUnlock
SetThreadPriority
GetOverlappedResult
CreateFileW
GetModuleFileNameW
ReadFile
IsProcessorFeaturePresent
LeaveCriticalSection
GetVersionExW
Sleep
TerminateThread
LoadLibraryW
GlobalAlloc
InitializeCriticalSection
WriteFile
GetCurrentThread
GetTickCount
GetModuleHandleW
OutputDebugStringW
ConnectNamedPipe
SetEvent
WaitForSingleObject
GlobalLock
QueryPerformanceCounter
GlobalSize
GetCurrentProcess
FreeLibrary
SetFilePointer
ExitProcess
GetCommandLineW
GetUserDefaultLCID

user32

GetKeyState
PostMessageW
UnregisterClassW
SetCapture
IsChild
GetMessageW
SetForegroundWindow
DispatchMessageW
GetWindowRect
GetMessagePos
GetMessageTime
DefWindowProcW
DestroyIcon
SetWindowTextW
SetClipboardData
SendMessageW
SetCaretPos
GetSystemMetrics
ReleaseCapture
OpenClipboard
CreateWindowExW
CreateCaret
GetActiveWindow
ShowWindow
GetCursorPos
GetSystemMenu
MapVirtualKeyW
GetUpdateRgn
CloseClipboard
EnumDisplayMonitors
SetCursor
DestroyWindow
PostThreadMessageW
EndPaint
CharUpperW
CharNextW
GetWindowThreadProcessId
SetWindowPos
GetDesktopWindow
DestroyCaret
DestroyCursor
SetWindowLongW
EmptyClipboard
EnableMenuItem
ReleaseDC
PeekMessageW
SystemParametersInfoW
GetClipboardData
GetAncestor
GetWindowLongW
SetCursorPos
InvalidateRect
GetWindowPlacement
RegisterClassExW
GetForegroundWindow
TranslateMessage
GetCapture
GetDC
CreateIconIndirect
BeginPaint
ShowCaret
SetFocus
WindowFromPoint
MessageBeep
GetWindowInfo
LoadCursorW
CreateCursor
AttachThreadInput
TrackMouseEvent
GetParent
GetFocus

gdi32

SetMapperFlags
GetKerningPairsW
RealizePalette
StretchDIBits
SelectPalette
SetStretchBltMode
CreateRectRgn
GetGlyphOutlineW
SaveDC
GetGlyphIndicesW
RestoreDC
GetDeviceCaps
CreateFontIndirectW
CreateDIBSection
DeleteDC
GetTextMetricsW
GetOutlineTextMetricsW
SetMapMode
CreateCompatibleBitmap
CombineRgn
CreateRectRgnIndirect
CreateCompatibleDC
SelectObject
DeleteObject
CreateBitmap
SetPixel
CreateHalftonePalette
GetRegionData
ExcludeClipRect

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW

shell32

ExtractAssociatedIconW
Shell_NotifyIconW

ole32

CoUnmarshalInterface
CoInitializeEx
CoMarshalInterThreadInterfaceInStream
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemFree
CoReleaseServerProcess
CoInitialize
StringFromGUID2
CoAddRefServerProcess
CoTaskMemRealloc
CoUninitialize
RegisterDragDrop
CoTaskMemAlloc
OleInitialize
CoCreateInstance
RevokeDragDrop

oleaut32

SysFreeString
RegisterTypeLi
VarUI4FromStr
UnRegisterTypeLi
LoadTypeLi
SysStringLen
SysAllocString
LoadRegTypeLi

msvfw32

DrawDibOpen
DrawDibDraw

winmm

timeBeginPeriod

ws2_32

ioctlsocket
connect
WSAStartup
select
WSAGetLastError
htons
setsockopt
WSACleanup
recv
socket
__WSAFDIsSet
closesocket
gethostbyname
send
getsockopt

Sections

.text
Size: 552KB - Virtual size: 552KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 13KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 137KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

49db8eaa22322573f630ec348e88b350

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

msvfw32

winmm

ws2_32

Sections

.text Size: 552KB - Virtual size: 552KB

.rdata Size: 109KB - Virtual size: 108KB

.data Size: 13KB - Virtual size: 22KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 137KB - Virtual size: 140KB

.text
Size: 552KB - Virtual size: 552KB

.rdata
Size: 109KB - Virtual size: 108KB

.data
Size: 13KB - Virtual size: 22KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 137KB - Virtual size: 140KB