199e6a4894a2dfad2d0bef7c418496b0532183d0d50d2f5fb65b3e0d01e1f9be

Sharing

Copy URL Twitter E-mail

General

Target

199e6a4894a2dfad2d0bef7c418496b0532183d0d50d2f5fb65b3e0d01e1f9be
Size

92KB
MD5

4539057e690b3409a5d4f86b31ccec20
SHA1

6daa5281452f0e6725565e88fceb1d5db29df686
SHA256

199e6a4894a2dfad2d0bef7c418496b0532183d0d50d2f5fb65b3e0d01e1f9be
SHA512

8e4c52c76c03d55221e7671994d1c2a518f3e22899aaff25482101bf5cf43b8bbdce537a0b3ce34df820ae50413c3ac5e1b51f5792f026167abc9ae1b804339b
SSDEEP

1536:N4CBzP3MFKp+oEy5mkh8u/so7QsOuAMJDgP:2o/5+oEy578Xgj9HgP

Score

N/A

Malware Config

Signatures

Files

199e6a4894a2dfad2d0bef7c418496b0532183d0d50d2f5fb65b3e0d01e1f9be
.exe windows x86

4a9946519df00f5867336d8b0ad3035e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetModuleHandleW
CloseHandle
GetVersion
ReadProcessMemory
VirtualAllocEx
OpenProcess
GetProcAddress
GetStringTypeA
LoadLibraryA
GetOEMCP
lstrlenW
GetCPInfo
HeapReAlloc
VirtualAlloc
WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
FindFirstFileW
lstrcmpW
FindNextFileW
FindClose
RemoveDirectoryW
DeleteFileW
Sleep
CreateThread
GetStringTypeW
GetEnvironmentVariableA
GetACP
WaitForSingleObject
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapFree
HeapAlloc
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
LCMapStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType

user32

FindWindowExW
GetWindowThreadProcessId
SendMessageW
GetClientRect
GetWindowRect
MoveWindow
GetWindowTextW
IsWindowVisible
FindWindowW
SetWindowPos
wsprintfW
EnumWindows
GetClassNameW

advapi32

RegDeleteValueW
RegDeleteKeyW
RegOpenKeyW
RegCloseKey
RegCreateKeyW
RegQueryValueExW
RegSetValueExW

shell32

SHGetSpecialFolderPathW

comctl32

ord17

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zmsmuat
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4a9946519df00f5867336d8b0ad3035e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

comctl32

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 14KB

.rsrc Size: 44KB - Virtual size: 44KB

zmsmuat Size: - Virtual size: 4KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 14KB

.rsrc
Size: 44KB - Virtual size: 44KB

zmsmuat
Size: - Virtual size: 4KB