4cb25ecc3be365dcc93d314b92f5a6b6f67713bb525f68f9be17bc71e04ef2da

Sharing

Copy URL Twitter E-mail

General

Target

4cb25ecc3be365dcc93d314b92f5a6b6f67713bb525f68f9be17bc71e04ef2da
Size

521KB
MD5

591574d5a449a376a9694c1ff8c3a3e7
SHA1

7583b181995c336501bce8506d107cd355137789
SHA256

4cb25ecc3be365dcc93d314b92f5a6b6f67713bb525f68f9be17bc71e04ef2da
SHA512

058670df6b6cd254ba7beaeae9a607763c509767aa8edd1509da8e0c2223b10868134dc7c4a64ff528e4af0ceb905e55826cf5a0088eebc77cb77f4184eb7f2a
SSDEEP

6144:WjT6OtRD1KNusQ1b3qZncijDdvNSsabni87u5LvFA6/rzik+/W2I0JC2DncW6oVf:uZtRDUal3obStni8aZvFAgzOV5v6WRb

Score

N/A

Malware Config

Signatures

Files

4cb25ecc3be365dcc93d314b92f5a6b6f67713bb525f68f9be17bc71e04ef2da
.exe windows x86

9ae3268c6eca598c1d72c5696b295536

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shfolder

SHGetFolderPathA

kernel32

SetHandleInformation
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
ReadFile
GetConsoleMode
GetConsoleCP
VirtualAlloc
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
FreeEnvironmentStringsA
DeleteCriticalSection
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
GetProcAddress
FreeLibrary
CreateEventA
WaitForMultipleObjects
FormatMessageA
MultiByteToWideChar
LeaveCriticalSection
InitializeCriticalSection
EnterCriticalSection
SetFilePointer
CreateFileA
CloseHandle
ExpandEnvironmentStringsA
WideCharToMultiByte
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
GetModuleHandleA
AllocConsole
LoadLibraryA
GetCurrentDirectoryA
CreateDirectoryA
GetLastError
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCPInfo
HeapSize
Sleep
GetTimeZoneInformation
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
GetStdHandle
WriteFile
HeapReAlloc
GetStartupInfoA
GetProcessHeap
HeapAlloc
GetVersionExA
HeapFree
GetCommandLineA
ExitProcess
GetDateFormatA
GetTimeFormatA
RaiseException
IsDebuggerPresent
GetEnvironmentStrings
SetEndOfFile
RtlUnwind

user32

SetWindowTextA
GetPropA
SetPropA
GetDlgItem
SetWindowPos
GetWindowRect
GetClientRect
SendMessageA
PostQuitMessage
DestroyWindow
GetForegroundWindow
LoadCursorA
LoadIconA
MessageBoxA
DispatchMessageA
TranslateMessage
SetFocus
EnableWindow
ShowWindow
ScreenToClient
GetWindowLongA
SetWindowLongA
CreateWindowExA
RegisterClassExA
CreateDialogParamA
RemovePropA
DefWindowProcA
PeekMessageA
MsgWaitForMultipleObjects
GetDC
ReleaseDC
DrawTextA
DialogBoxParamA
LoadImageA
GetMessagePos
SetCursor
EndDialog
CallWindowProcA

gdi32

GetCurrentObject
GetObjectA
CreateFontIndirectA
GetTextExtentPoint32A
DeleteObject
SetTextColor
SelectObject
GetDeviceCaps

comdlg32

GetSaveFileNameA

advapi32

RegEnumValueA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegQueryInfoKeyA
GetUserNameA
RegSetValueExA
RegCloseKey
IsTextUnicode

shell32

ShellExecuteA

ws2_32

WSAIoctl
WSAEventSelect
WSASetEvent
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
setsockopt
WSAStartup
htons
inet_ntoa
getsockname
getpeername
closesocket
WSAConnect
socket
gethostbyname
inet_addr
ioctlsocket
getsockopt
send
select
recv
WSAGetLastError

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.trdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9ae3268c6eca598c1d72c5696b295536

Headers

File Characteristics

Imports

shfolder

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ws2_32

version

Sections

.text Size: 148KB - Virtual size: 147KB

.rdata Size: 36KB - Virtual size: 32KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 252KB - Virtual size: 251KB

.trdata Size: 68KB - Virtual size: 68KB

.text
Size: 148KB - Virtual size: 147KB

.rdata
Size: 36KB - Virtual size: 32KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 252KB - Virtual size: 251KB

.trdata
Size: 68KB - Virtual size: 68KB