4ef0bedfcd5bed2a64a287f33399529a0144477307306a441de5b7b271cc10e7

Sharing

Copy URL Twitter E-mail

General

Target

4ef0bedfcd5bed2a64a287f33399529a0144477307306a441de5b7b271cc10e7
Size

204KB
MD5

738bc55777ac1ccb753b54fa4671ecb0
SHA1

173a97368a0c55b02bda003ca74052f89827dc62
SHA256

4ef0bedfcd5bed2a64a287f33399529a0144477307306a441de5b7b271cc10e7
SHA512

1fc96ab6fdd4c9016b8c17641d5d9785bef9501bda1c812558ca9a16f49e0670ad76770c73e0b1cf3027622b734cac3b586dd897978862a0abae0702050d4d4d
SSDEEP

6144:/tasQRfeoW7JBxk7QlCkukItPgbMl3/IhoexhjX:1FQE756ksPgsvILxR

Score

N/A

Malware Config

Signatures

Files

4ef0bedfcd5bed2a64a287f33399529a0144477307306a441de5b7b271cc10e7
.exe windows x86

dc196ee5594599da8b39f7a4733c776c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegQueryValueExW
DeregisterEventSource
ReportEventA
RegisterEventSourceW
RegEnumValueA
GetUserNameA

comctl32

ord17

gdi32

DeleteDC
RestoreDC
DeleteObject
GetTextMetricsA
GetTextFaceA
SelectObject
CreateFontA
GetDeviceCaps
SetMapMode
SaveDC
Polyline
CreatePen
ExtTextOutW
GetTextExtentPoint32W
SetTextAlign
SetBkMode
SetTextColor
CreateFontIndirectA
GetObjectA

kernel32

MultiByteToWideChar
GetCommandLineA
ExitProcess
GetCommandLineW
MapViewOfFile
ReleaseMutex
WaitForSingleObject
WaitForMultipleObjects
LeaveCriticalSection
EnterCriticalSection
DeleteFileW
GetModuleHandleA
GetStartupInfoA
GetStartupInfoW
CloseHandle
CreateThread
Sleep
GetCurrentProcess
TerminateProcess
SetUnhandledExceptionFilter
MulDiv
FreeLibrary
GetProcAddress
WideCharToMultiByte
GetModuleFileNameA
LoadLibraryA
GetSystemDefaultLangID
GetUserDefaultLangID
GetACP
GetSystemDefaultLCID
GetVersionExA
InitializeCriticalSection
GetProcessHeap
DeleteCriticalSection
lstrcpyA
GetLastError
GetProfileStringA
SetEvent
CreateSemaphoreA
CreateFileMappingA
GetFileSize
CreateFileA
UnmapViewOfFile
DeleteFileA
RemoveDirectoryA
RemoveDirectoryW
GetTickCount
SetEnvironmentVariableA
ReadProcessMemory
VirtualQueryEx
GetSystemInfo
GetFileAttributesA
CreateDirectoryA
FindNextFileA
FindClose
FindFirstFileA
GetWindowsDirectoryA
WriteFile
SetFilePointer
CreateFileW
GetTempPathW
GetFileAttributesW
CreateDirectoryW
LockResource
LoadResource
FindResourceExA
GetSystemDirectoryA
SetEndOfFile
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
IsDBCSLeadByte
CreateProcessA
CreateProcessW
SuspendThread
GetSystemTime
GetComputerNameA
CreateMutexA
TlsAlloc
TlsFree
TlsSetValue
VirtualFree
TlsGetValue
GetTempPathA
ResumeThread
GetCurrentThreadId
TerminateThread
GetCurrentProcessId
IsValidCodePage
HeapAlloc
VirtualAlloc
DuplicateHandle
lstrcmpW
GetStringTypeW
DebugBreak
GetThreadSelectorEntry
GetLocaleInfoA
LCMapStringW
GetThreadContext
HeapFree
SetLastError
GetSystemTimeAsFileTime
OutputDebugStringA
LCMapStringA
GetStringTypeA
RtlUnwind

oleaut32

SysFreeString
VariantTimeToDosDateTime
SysAllocString
SystemTimeToVariantTime
SysStringLen

shell32

ExtractIconExA
ShellExecuteExA

shlwapi

AssocQueryStringW
UrlGetPartA
wnsprintfA

urlmon

CreateURLMoniker

user32

GetScrollInfo
IsDlgButtonChecked
LoadIconA
DrawFocusRect
SetWindowTextW
GetWindow
LoadCursorA
DestroyIcon
GetWindowPlacement
IsIconic
LoadStringW
GetWindowThreadProcessId
EnumWindows
CharPrevA
CallWindowProcA
CallWindowProcW
IsWindowUnicode
EnableWindow
DrawIconEx
DestroyWindow
SetWindowLongA
GetSysColor
SendDlgItemMessageA
GetClientRect
SetScrollInfo
SystemParametersInfoA
CheckDlgButton
SetDlgItemTextA
SetFocus
EndDialog
GetDlgItem
ShowWindow
SetCursor
InvalidateRect
DialogBoxParamW
DialogBoxParamA
CreateDialogParamW
CreateDialogParamA
SetWindowTextA
GetDC
MapWindowPoints
GetSysColorBrush
FillRect
ReleaseDC
GetSystemMetrics
SetForegroundWindow
GetWindowLongA
GetWindowRect
SetWindowPos
RegisterClassExA
CreateWindowExA
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
KillTimer
SetTimer
SendMessageA
PostMessageA
DefWindowProcA

version

GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerQueryValueA
GetFileVersionInfoW
GetFileVersionInfoA

wininet

InternetReadFileExA
InternetWriteFile
HttpSendRequestExA
InternetSetOptionA
HttpEndRequestA
InternetSetStatusCallback
InternetAutodial
InternetGetConnectedState
InternetCloseHandle
InternetQueryOptionA
HttpQueryInfoA
HttpOpenRequestA
InternetConnectA
InternetOpenA

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

snxaezs
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dc196ee5594599da8b39f7a4733c776c

Headers

File Characteristics

Imports

advapi32

comctl32

gdi32

kernel32

oleaut32

shell32

shlwapi

urlmon

user32

version

wininet

Sections

.text Size: 164KB - Virtual size: 164KB

.data Size: 4KB - Virtual size: 32KB

.rsrc Size: 32KB - Virtual size: 32KB

snxaezs Size: - Virtual size: 4KB

.text
Size: 164KB - Virtual size: 164KB

.data
Size: 4KB - Virtual size: 32KB

.rsrc
Size: 32KB - Virtual size: 32KB

snxaezs
Size: - Virtual size: 4KB