4dee28cec4200ea295b2ec8e14d60c7664c9383d705c5dc5b0b057f94cab7d73

Sharing

Copy URL Twitter E-mail

General

Target

4dee28cec4200ea295b2ec8e14d60c7664c9383d705c5dc5b0b057f94cab7d73
Size

84KB
MD5

6b81b8872eb552dca49af5f759832f67
SHA1

3998690a8e06a2da96aa6cb4237bc5536bb5768d
SHA256

4dee28cec4200ea295b2ec8e14d60c7664c9383d705c5dc5b0b057f94cab7d73
SHA512

2af2cc026369470ff1b7cfc8a134e83310838c8bd6884a1d5446d82eda9d4b461337eb0fece27ec261e26ca7e95f43c58edd3f5039004d512f889b94041e4621
SSDEEP

1536:bHGUdFObDQ6KKo9tCKX1jN2zj5wp5pYmO:bmUwDnoXCA9y8cmO

Score

N/A

Malware Config

Signatures

Files

4dee28cec4200ea295b2ec8e14d60c7664c9383d705c5dc5b0b057f94cab7d73
.exe windows x86

850ffdbaa017812eb2317ab8d014ba33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetCurrentThreadId
WriteFile
InitializeCriticalSection
GetCommandLineA
lstrcmpiA
WaitForSingleObject
CreateEventA
CreateThread
DeleteCriticalSection
InterlockedIncrement
CreateFileA
SetEvent
WideCharToMultiByte
lstrlenW
MultiByteToWideChar
InterlockedDecrement
TerminateProcess
GetCurrentProcess
HeapFree
SetStdHandle
LoadLibraryA
GetProcAddress
GetCPInfo
HeapAlloc
SetUnhandledExceptionFilter
SetFilePointer
GetLastError
IsBadReadPtr
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetTempPathA
HeapReAlloc
VirtualAlloc
CloseHandle
IsBadCodePtr
RtlUnwind
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
IsBadWritePtr
VirtualFree
GetEnvironmentStrings
GetACP
GetOEMCP
FlushFileBuffers
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetFileType
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate

user32

GetMessageA
DispatchMessageA
PeekMessageA
PostThreadMessageA
CharNextA
MessageBoxA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHFileOperationA

ole32

CoInitialize
CoUninitialize
CoRegisterMessageFilter
CoCreateInstance

oleaut32

SysStringLen
SysAllocStringLen
SysFreeString
SysAllocString

atl

ord18
ord32
ord21
ord20
ord23
ord57
ord16
ord17
ord30

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

850ffdbaa017812eb2317ab8d014ba33

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

atl

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 8KB - Virtual size: 5KB

.crdata Size: 20KB - Virtual size: 20KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 8KB - Virtual size: 5KB

.crdata
Size: 20KB - Virtual size: 20KB