4ce9a1782147ebe666e085de0afe95a0820c5aa6dc76f80f16283040fa672a7a

Sharing

Copy URL

Twitter E-mail

General

Target

4ce9a1782147ebe666e085de0afe95a0820c5aa6dc76f80f16283040fa672a7a
Size

126KB
MD5

4ec7825cf397496cd2fd6a0f55267810
SHA1

1240f13a0599e1d2215cb3b05d9a102a09728065
SHA256

4ce9a1782147ebe666e085de0afe95a0820c5aa6dc76f80f16283040fa672a7a
SHA512

cb6167e671197c2659ff22b2920bccc69d29ea12e251afead6fd4f4809b3427dcd5e2d4e68342e80076ae87ee5f9be78f4cdeb33b66d7b1efc4844ca49af60a4
SSDEEP

3072:vWTL1w/a4aOre+H/SDkU2KLgeB6v7XWSwfP:ve6/a4xy+KDrgzXWDP

Score

N/A

Malware Config

Signatures

Files

4ce9a1782147ebe666e085de0afe95a0820c5aa6dc76f80f16283040fa672a7a
.exe windows x86

e6abd899d832e7af6ebcac4e2a2304b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

Shell_NotifyIconA

oleaut32

RegisterActiveObject
GetActiveObject
DllUnregisterServer

ole32

CoUninitialize
CoCreateInstance
CreateItemMoniker
GetRunningObjectTable
CoInitialize
CoTaskMemFree

kernel32

GetVersion
FormatMessageA
GlobalFix
lstrcmpiW
GetTickCount
GetProcAddress
DeleteFileW
FindFirstFileW
FindClose
TerminateProcess
HeapReAlloc
SetCurrentDirectoryW
ExpandEnvironmentStringsW
ReleaseMutex
CloseHandle
SetLastError
SetCommMask
SetUnhandledExceptionFilter
LoadLibraryW
QueryPerformanceCounter
GetSystemDirectoryW
WriteFile
GetExitCodeProcess
lstrcmpW
CreateDirectoryW
QueryDosDeviceW
GetFullPathNameW
FormatMessageW
VirtualQuery
LoadLibraryA
GetPrivateProfileIntW
GetPrivateProfileStringW
GetTimeFormatW
GetDriveTypeW
FindNextFileW
GetPrivateProfileSectionW
CreateProcessW
GetStartupInfoA
InterlockedExchange
GetCommandLineW
IsValidLocale
GetModuleFileNameW
GetSystemTimeAsFileTime
InterlockedIncrement
GetModuleHandleA
UnhandledExceptionFilter
Sleep
GetCurrentProcess
GetVersionExA
GlobalAlloc
FreeLibrary
ReadFile
GetLastError
HeapAlloc
SetFilePointer
OpenMutexW
GetWindowsDirectoryW
OpenEventW
CreateFileW
CreateMutexW
GetDateFormatW
GetProcessHeap
InterlockedDecrement
GetCurrentDirectoryW
GlobalFree
DeviceIoControl
RaiseException
GetProcessHeap
GetDiskFreeSpaceExW
LocalReAlloc
GetTempPathW
MultiByteToWideChar
GetCurrentThreadId
GetLogicalDriveStringsW
HeapFree
GetFileAttributesW
GetCurrentProcessId
GetVolumeInformationW
CopyFileW
HeapSize
lstrlenW
LocalAlloc
LocalFree
lstrlenA
WideCharToMultiByte
WaitForSingleObject

advapi32

SetSecurityDescriptorDacl
RegisterEventSourceA
RegisterServiceCtrlHandlerA
InitializeSecurityDescriptor
DeregisterEventSource

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zxmxqf
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 107KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6abd899d832e7af6ebcac4e2a2304b5

Headers

File Characteristics

Imports

shell32

oleaut32

ole32

kernel32

advapi32

Sections

.text Size: 7KB - Virtual size: 7KB

.data Size: 7KB - Virtual size: 9KB

.zxmxqf Size: 3KB - Virtual size: 3KB

.edata Size: 107KB - Virtual size: 127KB

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 7KB - Virtual size: 9KB

.zxmxqf
Size: 3KB - Virtual size: 3KB

.edata
Size: 107KB - Virtual size: 127KB