4a9d4321f1c0ba75a1359d34a0a599c5854714e0e5d2f7bc7d1ce1d69704947e

Sharing

Copy URL Twitter E-mail

General

Target

4a9d4321f1c0ba75a1359d34a0a599c5854714e0e5d2f7bc7d1ce1d69704947e
Size

134KB
MD5

7459cbb8deaaddac7f952fd4e77b1221
SHA1

45dced7e2553610f962f5d84324d74051d5f2e5b
SHA256

4a9d4321f1c0ba75a1359d34a0a599c5854714e0e5d2f7bc7d1ce1d69704947e
SHA512

01fb2464070bc5b73d24c2fc4a69a4083992704f62584ae319bf84938cbb21d04b7d012330ba2391772a052d9d6b0dfc26f27d1319f2ccd914768ac28b93a704
SSDEEP

3072:0lWHLzlGgehvt/PgZnrvU/VqtBGvmdIpEaw:00HLAgefPgZnPkmow

Score

N/A

Malware Config

Signatures

Files

4a9d4321f1c0ba75a1359d34a0a599c5854714e0e5d2f7bc7d1ce1d69704947e
.exe windows x86

1b4388e08549223eedf0668aca7ba065

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
RaiseException
InitializeCriticalSection
DeleteCriticalSection
GetCurrentProcess
MoveFileA
DeleteFileA
GetModuleFileNameA
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryA
VirtualFreeEx
GetExitCodeThread
WaitForSingleObject
CreateRemoteThread
GetThreadLocale
VirtualAllocEx
OpenProcess
CloseHandle
GetModuleHandleA
Process32Next
Process32First
CreateToolhelp32Snapshot
Module32Next
Module32First
GetLastError
FlushFileBuffers
SetStdHandle
SetFilePointer
GetSystemInfo
GetLocaleInfoA
GetACP
WriteProcessMemory
InterlockedExchange
VirtualProtect
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapFree
ExitProcess
RtlUnwind
GetCommandLineA
HeapAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
VirtualQuery
GetOEMCP
GetCPInfo
LCMapStringA
WideCharToMultiByte
LCMapStringW
TerminateProcess
HeapSize
WriteFile
GetStdHandle
UnhandledExceptionFilter

user32

FindWindowA
SendMessageTimeoutA
RegisterWindowMessageA
FindWindowExA

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken

shell32

ShellExecuteA

ole32

CoUninitialize
CoInitialize

oleaut32

SysAllocStringLen
SysFreeString

shlwapi

PathAppendA
PathFindFileNameA
PathFileExistsA
PathRemoveFileSpecA

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1b4388e08549223eedf0668aca7ba065

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 76KB - Virtual size: 76KB

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 76KB - Virtual size: 76KB