4d2592014ea23592c0e04e865fefdb70250045452b49fbcae914dc9507d97b84

Sharing

Copy URL Twitter E-mail

General

Target

4d2592014ea23592c0e04e865fefdb70250045452b49fbcae914dc9507d97b84
Size

297KB
MD5

02a4902df3d9009118d5d2b89fb58770
SHA1

f62ec080fd650a65812cfb09503e9ab441c00fab
SHA256

4d2592014ea23592c0e04e865fefdb70250045452b49fbcae914dc9507d97b84
SHA512

1b3ad3b5642b130f34d32ea648e76647193e0abf98a9ac72191321be9c8d4e71f264e56d4346f128c7a6ee32e2c7c49973150be2c9c4086698e5dbeb9f0b8766
SSDEEP

3072:hNadB5yTubJ61pjtUWcocan+U/6j/4bVIUXmdcDkrlMAla/4oKaBBMBi+ZF8:hAR/bcsacYlZbG0bELlE4TLg1

Score

N/A

Malware Config

Signatures

Files

4d2592014ea23592c0e04e865fefdb70250045452b49fbcae914dc9507d97b84
.exe windows x86

50a1f05d55bee232a2a0ce0bc8faef7e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW

kernel32

CopyFileW
WritePrivateProfileStringW
GetTickCount
GetLastError
lstrcpyW
CreateMutexW
ReleaseMutex
GetLocaleInfoA
MultiByteToWideChar
CreateFileW
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
CloseHandle
SetFileAttributesW
CreateDirectoryW
WideCharToMultiByte
GetTempPathW
GetVersionExW
GetStringTypeW
GetPrivateProfileStringW
GetModuleFileNameW
TerminateProcess
RtlUnwind
HeapAlloc
HeapFree
ReadFile
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointer
RaiseException
GetSystemTimeAsFileTime
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetVersionExA
GetProcessHeap
GetStartupInfoW
GetProcAddress
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapDestroy
HeapCreate
ExitProcess
GetStdHandle
GetModuleFileNameA
GetFileType
CreateFileA
Sleep
SetHandleCount
GetStartupInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
QueryPerformanceCounter
GetCurrentProcessId
HeapSize
FlushFileBuffers
InitializeCriticalSection
LoadLibraryA
SetEndOfFile
GetStringTypeA

user32

MessageBoxW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHGetSpecialFolderPathW

cabinet

ord21
ord23
ord22
ord20

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

50a1f05d55bee232a2a0ce0bc8faef7e

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

advapi32

shell32

cabinet

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 196KB - Virtual size: 196KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 196KB - Virtual size: 196KB