4735c16308fb3b318b7133e2f6ca48d5a4706f735052e2a1dd0753f5927c44b4

Sharing

Copy URL Twitter E-mail

General

Target

4735c16308fb3b318b7133e2f6ca48d5a4706f735052e2a1dd0753f5927c44b4
Size

76KB
MD5

6e3be37336b502f2bbfff61b46b242c0
SHA1

c002ad4db0a1fcc9e0f216cfcc079c535624d6a7
SHA256

4735c16308fb3b318b7133e2f6ca48d5a4706f735052e2a1dd0753f5927c44b4
SHA512

fe66952c5e5dd216e86e47b2d11b53206699fdefa5f25232c82d1478119eebd452fd5598d83ccec1e77a5d5cade39a01f2149993aba595b337b4aa75e3f17b6e
SSDEEP

768:Q07i/PixctLYPQ3lwpnOYgkyNmcxTCcxT5o:Q07iH/3lltNmcxTCcxT

Score

N/A

Malware Config

Signatures

Files

4735c16308fb3b318b7133e2f6ca48d5a4706f735052e2a1dd0753f5927c44b4
.dll windows x86

5fbcbf126afcd32e904e5691f5c07877

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
OpenEventA
CreateEventA
GetModuleFileNameA
DeviceIoControl
DeleteFileA
GetCPInfoExA
GetACP
TerminateThread
SetEndOfFile
SetConsoleTitleW
SetComputerNameW
ExitProcess
ExitThread
DisableThreadLibraryCalls
OpenProcess
GetCurrentProcess
GetLastError
VerLanguageNameA
TerminateProcess
GetSystemDirectoryA
GetModuleHandleA
LoadLibraryA
GetProcAddress
VirtualFree
VirtualAlloc
CreateThread
Sleep
GetTempPathA
CreateFileA
WriteFile
CreateProcessA
GetLocalTime
GetTickCount
VerLanguageNameW
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle

user32

EnumWindows
PostThreadMessageA
PostMessageA
GetWindowThreadProcessId
CreateWindowStationW
GetInputState
GetWindowTextA
GetMessageA
GetMenuItemInfoW
wsprintfA

wininet

InternetCloseHandle
InternetReadFile
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA

gdi32

GetBkColor
GetBkMode

advapi32

LookupPrivilegeValueA
RegCloseKey
RegFlushKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
AdjustTokenPrivileges
OpenProcessToken
CloseServiceHandle
ControlService
OpenServiceA
DeleteService
OpenSCManagerA

msvcrt

memset
_strlwr
strrchr
strstr
__CxxFrameHandler
time
srand
memcpy
sprintf
strcpy
strcat
strlen
??3@YAXPAX@Z

Exports

Exports

GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerFindFileA
VerFindFileW
VerInstallFileA
VerInstallFileW
VerLanguageNameA
VerLanguageNameW
VerQueryValueA
VerQueryValueIndexA
VerQueryValueIndexW
VerQueryValueW

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 4KB - Virtual size: 720B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5fbcbf126afcd32e904e5691f5c07877

Headers

File Characteristics

Imports

kernel32

user32

wininet

gdi32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.code Size: 4KB - Virtual size: 720B

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 14KB

.pata Size: 8KB - Virtual size: 4KB

.uata Size: 8KB - Virtual size: 4KB

.rata Size: 8KB - Virtual size: 4KB

.zata Size: 8KB - Virtual size: 4KB

.CRT Size: 4KB - Virtual size: 4B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 16KB - Virtual size: 15KB

.code
Size: 4KB - Virtual size: 720B

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 14KB

.pata
Size: 8KB - Virtual size: 4KB

.uata
Size: 8KB - Virtual size: 4KB

.rata
Size: 8KB - Virtual size: 4KB

.zata
Size: 8KB - Virtual size: 4KB

.CRT
Size: 4KB - Virtual size: 4B

.reloc
Size: 4KB - Virtual size: 3KB