4e2466b56028abb91c9b85f98313ee68d3dc4ab794a7dda7a669a7e59affba66

Sharing

Copy URL Twitter E-mail

General

Target

4e2466b56028abb91c9b85f98313ee68d3dc4ab794a7dda7a669a7e59affba66
Size

112KB
MD5

091fdb652f21cc54acd462361bed6300
SHA1

12cf8f347512056086fa61cb9ece434f6841b663
SHA256

4e2466b56028abb91c9b85f98313ee68d3dc4ab794a7dda7a669a7e59affba66
SHA512

4edb63db99ecd80386b59c25833bcdd0cad4a2e9a5bb0a3c466bb2d0de8c11157008faee8eb3c3ac62a01c87b373181272720f96ccc3721e60bd57ef999adeef
SSDEEP

1536:PQIWxlwrro61h1imCM+AjvjxOebdoClqmn34pI4RVWtMe5QFGdA:PQjlwLhX/ZGClqA2I4R86e5fA

Score

N/A

Malware Config

Signatures

Files

4e2466b56028abb91c9b85f98313ee68d3dc4ab794a7dda7a669a7e59affba66
.exe windows x86

997f8be932bbc686f5b13b8ab97060c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetCancelConnection2A

kernel32

GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetHandleCount
FlushFileBuffers
WriteFile
LCMapStringW
LCMapStringA
GetSystemInfo
GetFileType
UnhandledExceptionFilter
SetStdHandle
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
HeapSize
GetLocaleInfoA
GetCPInfo
SetFilePointer
GetStringTypeA
GetStringTypeW
GetWindowsDirectoryA
GetCurrentProcess
LoadLibraryA
CopyFileA
DeleteFileA
MapViewOfFile
UnmapViewOfFile
OpenFileMappingA
GetShortPathNameA
GetFileAttributesA
SetFileAttributesA
OpenEventA
WaitForSingleObject
GetComputerNameA
GetStartupInfoA
GetSystemDirectoryA
CreateProcessA
GetTickCount
CreateFileA
GetVersion
MultiByteToWideChar
lstrcmpiA
lstrlenA
HeapReAlloc
lstrcpyA
lstrcatA
WideCharToMultiByte
FreeLibrary
GetModuleHandleA
GetProcAddress
CloseHandle
CreateThread
GetExitCodeThread
GetLastError
SetLastError
FormatMessageA
LocalFree
Sleep
GetModuleFileNameA
lstrcpynA
GetVersionExA
FindResourceA
LoadResource
LockResource
GetProcessHeap
HeapAlloc
HeapFree
GetACP
GetOEMCP
GetStdHandle
VirtualProtect
VirtualQuery
InterlockedExchange
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
GetCommandLineA
TerminateProcess
RtlUnwind
ExitProcess

user32

SetWindowPos
DestroyWindow
GetSystemMetrics
TranslateMessage
DispatchMessageA
LoadIconA
LoadCursorA
RegisterClassExA
CreateDialogParamA
wsprintfA
LoadStringA
PostQuitMessage
SystemParametersInfoA
DefWindowProcA
GetDlgItem
SetWindowTextA
SendMessageA
ShowWindow
UpdateWindow
MessageBoxA
GetWindowRect
GetMessageA

gdi32

CreateFontIndirectA
DeleteObject

advapi32

ControlService
ChangeServiceConfigA
CreateServiceA
QueryServiceConfigA
EnumDependentServicesA
StartServiceA
DeleteService
QueryServiceStatus
OpenServiceA
OpenSCManagerA
CloseServiceHandle
EqualSid
LookupAccountNameA
RegOpenKeyA
RegQueryValueExA
RegCloseKey

odbc32

ord9
ord31
ord24
ord75
ord41
ord35
ord36
ord11

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fyqjehd
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

997f8be932bbc686f5b13b8ab97060c6

Headers

File Characteristics

Imports

mpr

kernel32

user32

gdi32

advapi32

odbc32

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 36KB - Virtual size: 36KB

fyqjehd Size: - Virtual size: 4KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 36KB - Virtual size: 36KB

fyqjehd
Size: - Virtual size: 4KB