4ed1a61b09ff0081acff0cd2cf41468a6e492bad6d36f388ef7c65f2096ca888

Sharing

Copy URL Twitter E-mail

General

Target

4ed1a61b09ff0081acff0cd2cf41468a6e492bad6d36f388ef7c65f2096ca888
Size

188KB
MD5

6713ab331394a0cf840824fcef769d60
SHA1

1d2db0f2bf55102bf163c66576237e177250316a
SHA256

4ed1a61b09ff0081acff0cd2cf41468a6e492bad6d36f388ef7c65f2096ca888
SHA512

1b2e3f6fcf7ce455474c3c9ac8da4964bb3b84e05be7ec1e438585a14d5a81cc8c17c93e06d2723dcb776b8846749adcdeb854854d996efcda30904258d67361
SSDEEP

3072:exge5uKcFs6A21jNOYbuDGo2UMvnry/1IsjtTBflLn8+:exge5ub+UHObG9Jvn+/GsjtTBd8+

Score

N/A

Malware Config

Signatures

Files

4ed1a61b09ff0081acff0cd2cf41468a6e492bad6d36f388ef7c65f2096ca888
.exe windows x86

e1dda8f9e76c68ad2779e4f8a181887f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
FindClose
FindFirstFileA
Process32Next
Process32First
CreateToolhelp32Snapshot
CreateEventA
TerminateThread
WaitForSingleObject
GetModuleFileNameA
CreateThread
GetSystemDirectoryA
ResetEvent
WaitForMultipleObjects
SetFilePointer
GetShortPathNameA
TerminateProcess
OpenProcess
CreateDirectoryA
GetFileSize
GetTickCount
SetFileAttributesA
GetFileAttributesA
GetTempPathA
CreateFileA
ReadFile
DeleteFileA
SetEvent
OpenEventA
CloseHandle
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
AddAtomA
WriteFile
GetStartupInfoA
GetModuleHandleA
GlobalAlloc
GlobalFree
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
HeapLock
HeapWalk
HeapUnlock
HeapFree
HeapAlloc
HeapDestroy
HeapCreate
GetExitCodeProcess
CreatePipe
GetCurrentProcess
DuplicateHandle
CreateProcessA
GetDriveTypeA
GetVolumeInformationA
GetLongPathNameA
GetCurrentProcessId
FindNextFileA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetExitCodeThread
Sleep

user32

IsWindow
PostThreadMessageA
GetMessageA
GetWindowTextA
GetWindowLongA
GetWindowThreadProcessId
GetWindow
GetDesktopWindow
PostMessageA
FindWindowA
GetSystemMetrics
DestroyWindow
SendMessageA
AnyPopup

advapi32

RegOpenKeyExA
AbortSystemShutdownA
RegCloseKey
RegEnumValueA
RegQueryInfoKeyA

shell32

SHFileOperationA
ShellExecuteA

gdiplus

GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipDisposeImage
GdipSaveImageToFile
GdipLoadImageFromFile
GdipFree
GdipAlloc

mfc42

ord3626
ord640
ord665
ord1979
ord5186
ord354
ord5785
ord1641
ord1640
ord323
ord800
ord1601
ord537
ord3663
ord3571
ord2414

msvcrt

memset
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
__dllonexit
_onexit
_controlfp
_exit
_strset
_strupr
strcpy
strstr
strcmp
__CxxFrameHandler
sprintf
memcpy
wcscmp
free
pow
malloc
_purecall
_ftol
rand
srand
memcmp
strchr
strlen
strrchr
_except_handler3
_CxxThrowException

psapi

EnumProcessModules
GetModuleFileNameExA

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
GetObjectA
CreateDCA
GetDIBits

ole32

StringFromGUID2
CoCreateGuid
CoUninitialize
CoInitialize

ws2_32

shutdown
getsockname
recvfrom
connect
send
recv
WSACleanup
WSAStartup
gethostbyname
gethostname
closesocket
WSAIoctl
socket
bind
htons
sendto
ntohs
WSAGetLastError

winmm

timeSetEvent
timeKillEvent

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1dda8f9e76c68ad2779e4f8a181887f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

gdiplus

mfc42

msvcrt

psapi

gdi32

ole32

ws2_32

winmm

avicap32

Sections

.text Size: 140KB - Virtual size: 139KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 140KB - Virtual size: 139KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 12KB - Virtual size: 9KB