fc4241bea3278816c9a831b2da3506fbdd55257e993cb5e0982da871b6e15661

Sharing

Copy URL Twitter E-mail

General

Target

fc4241bea3278816c9a831b2da3506fbdd55257e993cb5e0982da871b6e15661
Size

588KB
MD5

91e39543db4fbb78aa0167eb5675ec8f
SHA1

4df622231a950b62a00bb98005ae75d81d432ec0
SHA256

fc4241bea3278816c9a831b2da3506fbdd55257e993cb5e0982da871b6e15661
SHA512

5f26890edaaf3bfb1e06149b1eb7b3c2ea773b1bd6214b13cedd5c35bbdc91eeb7301e36df1cc95006be2dec457a1af32a7717486271306714e74cda33a22c84
SSDEEP

12288:aNT3vHyR5+bODDVt5YQN/nwpkO5K/4bRlzQBwBuFyQb:ojvHnbMDVcQN8HRlqwBuFD

Score

N/A

Malware Config

Signatures

Files

fc4241bea3278816c9a831b2da3506fbdd55257e993cb5e0982da871b6e15661
.exe windows x86

6a03995cc301dc44d7083b42dbe84b0e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
ConnectNamedPipe
CreateNamedPipeA
GetTickCount
LocalFree
LocalAlloc
OpenFile
GetLocalTime
Beep
GetPrivateProfileStringA
UnmapViewOfFile
OpenFileMappingA
MapViewOfFile
CreateFileMappingA
GetExitCodeThread
QueryPerformanceCounter
DisconnectNamedPipe
SetStdHandle
SetConsoleCtrlHandler
GetSystemInfo
VirtualProtect
GetLocaleInfoA
GetCPInfo
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
CreateProcessA
ReadFile
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
RaiseException
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
VirtualQuery
InterlockedExchange
HeapSize
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
IsBadReadPtr
RtlUnwind
GetCurrentThread
SetThreadPriority
ExitThread
TerminateThread
GetCurrentProcess
GetSystemDirectoryA
SetUnhandledExceptionFilter
OpenProcess
WideCharToMultiByte
DeleteFileA
GetProcessHeap
HeapAlloc
GetSystemTimeAsFileTime
HeapFree
GetCurrentProcessId
CreateSemaphoreA
InterlockedDecrement
InterlockedIncrement
PulseEvent
CreateMutexA
ReleaseSemaphore
DeviceIoControl
GetVersionExA
GetSystemPowerStatus
CreateThread
GetModuleFileNameA
GetExitCodeProcess
TerminateProcess
GetSystemTime
CreateFileA
SetFilePointer
WriteFile
ExitProcess
OpenMutexA
ReleaseMutex
OutputDebugStringA
CallNamedPipeA
GetProcAddress
FreeLibrary
LoadLibraryA
OpenEventA
SetEvent
WaitForSingleObject
WaitForMultipleObjects
CreateEventA
ResetEvent
Sleep
GetCurrentThreadId
GetLastError
IsBadCodePtr
CloseHandle

user32

EnumDisplaySettingsA
KillTimer
UnregisterDeviceNotification
RegisterDeviceNotificationA
SetTimer
SetCursor
SendInput
EnumWindows
SendMessageA
GetPropA
RegisterWindowMessageA
RegisterHotKey
UnregisterHotKey
GetForegroundWindow
GetDesktopWindow
GetWindowThreadProcessId
BroadcastSystemMessageA
ExitWindowsEx
SystemParametersInfoA
OpenDesktopA
CloseDesktop
SendNotifyMessageA
MsgWaitForMultipleObjects
GetCursorPos
MonitorFromPoint
GetMonitorInfoA
GetMessageA
DispatchMessageA
TranslateMessage
IsWindow
DestroyWindow
DefWindowProcA
PostMessageA
FindWindowA
RegisterClassA
CreateWindowExA
ShowWindow
MessageBoxA
EnumDisplayDevicesA
ChangeDisplaySettingsExA
ChangeDisplaySettingsA
EnumDisplaySettingsExA
GetSystemMetrics
SetWindowPos
GetCursor
LoadCursorA

gdi32

DeleteDC
CreateDCA
ExtEscape

ole32

CoUninitialize
CoCreateInstance
CoInitializeEx
CoInitializeSecurity

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

userenv

LoadUserProfileA
UnloadUserProfile
GetUserProfileDirectoryW

psapi

GetModuleBaseNameA
EnumProcessModules
EnumProcesses

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiSetClassInstallParamsA
SetupDiCallClassInstaller
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInfoListDetailA
SetupDiGetClassDevsA
SetupDiOpenDevRegKey
SetupDiGetDeviceInstanceIdA
CM_Reenumerate_DevNode
SetupDiGetHwProfileList
CM_Get_DevNode_Registry_PropertyA
CM_Get_Device_ID_ExA
CM_Get_Parent

advapi32

ImpersonateLoggedOnUser
OpenSCManagerA
OpenServiceA
CloseServiceHandle
ControlService
RegDeleteValueA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
QueryServiceStatus
RegSetValueExA
StartServiceA
DeregisterEventSource
ReportEventA
RegisterEventSourceA
SetServiceStatus
CreateProcessAsUserA
RegCreateKeyA
CreateServiceA
DeleteService
RegisterServiceCtrlHandlerExA
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
RegOpenCurrentUser
FreeSid
RegCreateKeyExA
AddAccessAllowedAce
InitializeAcl
SetSecurityDescriptorOwner
AllocateAndInitializeSid
RegEnumValueA
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteKeyA
GetLengthSid
OpenProcessToken
CheckTokenMembership
AdjustTokenPrivileges
LookupPrivilegeValueA
GetUserNameA
SetThreadToken
OpenThreadToken
RevertToSelf

Sections

.text
Size: 416KB - Virtual size: 414KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a03995cc301dc44d7083b42dbe84b0e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

oleaut32

userenv

psapi

setupapi

advapi32

Sections

.text Size: 416KB - Virtual size: 414KB

.rdata Size: 152KB - Virtual size: 150KB

.data Size: 8KB - Virtual size: 31KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 416KB - Virtual size: 414KB

.rdata
Size: 152KB - Virtual size: 150KB

.data
Size: 8KB - Virtual size: 31KB

.rsrc
Size: 8KB - Virtual size: 4KB