4ac1f0b02439da56405a5f1dca70e0c37e66a008644a3d0f53e4e20e12f5738a

General

Target

4ac1f0b02439da56405a5f1dca70e0c37e66a008644a3d0f53e4e20e12f5738a
Size

157KB
MD5

a1dc476d96725f690803a005441aba7a
SHA1

e16bb02dd4a8f300303a0c9c14912a12489209a4
SHA256

4ac1f0b02439da56405a5f1dca70e0c37e66a008644a3d0f53e4e20e12f5738a
SHA512

d054c5e5c5e7690e875a6d26491fbe988700e12ed4027758648a116235596ab113ce57b9e400e44ac95fd668e3473444103e37de1e1f549de4750d493e0fdb52
SSDEEP

3072:ot/xfjWAsYfNzlTKHo/xZP2hlH4PZ6o6yYhK9kG5ZHaqtbx0:otZfyADfjKHoS6PZCmBaq

Score

N/A

Malware Config

Signatures

Files

4ac1f0b02439da56405a5f1dca70e0c37e66a008644a3d0f53e4e20e12f5738a
.exe windows x86

2a3b4495b35b2488cd860737c86560af

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msi

ord65

kernel32

CreateMutexA
IsDebuggerPresent
GetTickCount
GetCommandLineW
CreateSemaphoreA
GetCommandLineA
GetModuleHandleA
VirtualAlloc
GetEnvironmentStringsW
GetCurrentThread
GetCurrentProcessId
CompareStringW
GetVersionExA
TlsGetValue
GetStartupInfoA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
SetEnvironmentVariableA
GetLastError
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
HeapReAlloc
IsBadWritePtr
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
Sleep
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
GetLocaleInfoW
CompareStringA

gdi32

GetTextColor
GetTextMetricsA
AbortDoc

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a3b4495b35b2488cd860737c86560af

Headers

DLL Characteristics

File Characteristics

Imports

msi

kernel32

gdi32

Sections

.text Size: 38KB - Virtual size: 38KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 111KB - Virtual size: 193KB

.rsrc Size: 1024B - Virtual size: 616B

.text
Size: 38KB - Virtual size: 38KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 111KB - Virtual size: 193KB

.rsrc
Size: 1024B - Virtual size: 616B