0a4d58dbefe6d3d5fd508e207c5a25d267c4fda045f49cb72bab2a9abf6ceb0e

General

Target

0a4d58dbefe6d3d5fd508e207c5a25d267c4fda045f49cb72bab2a9abf6ceb0e
Size

168KB
MD5

41b136905bc531d423dc4b1878afe851
SHA1

730e5cb77fefff6e5cc208015ef45749e22568ad
SHA256

0a4d58dbefe6d3d5fd508e207c5a25d267c4fda045f49cb72bab2a9abf6ceb0e
SHA512

4f56c194f336ef42898f75c466d1a46d6621eb4770a80aa4a449e18e0ade1ddbdae373d552347e5e29eea320a84a9071f89287975059f78a4794199a147381bd
SSDEEP

3072:qlqAn43vSFjHvL8XI/0ZHA9Nqafoekupjf82o2jaX4e7w+F/HH:uqy43vQGq0ZHA9ZgEf8qoDrh

Score

N/A

Malware Config

Signatures

Files

0a4d58dbefe6d3d5fd508e207c5a25d267c4fda045f49cb72bab2a9abf6ceb0e
.exe windows x86

c56e9236b318f794121a6914f6419532

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
GetSystemMetrics
GetParent
CharNextA
GetDesktopWindow
TranslateMessage

kernel32

GetCurrentProcess
GetStartupInfoA
GetTickCount
lstrlenA
CopyFileA
MulDiv
GlobalFindAtomA
VirtualAlloc
GetModuleHandleW
GetWindowsDirectoryA
GetProcessHeap
GetCurrentThreadId
DeleteFileW
SetCurrentDirectoryA
GetCurrentThread
VirtualFree
GetOEMCP
GetModuleHandleA
lstrlenW
DeleteFileA
lstrcmpiW
GetConsoleOutputCP
IsDebuggerPresent
RemoveDirectoryA
GetCommandLineW
GetThreadLocale
GetCommandLineA
GetUserDefaultLangID
lstrcmpA
GetCurrentProcessId
GetDriveTypeA
GetVersion
GetACP
QueryPerformanceCounter
lstrcmpiA

gdi32

GetPixel
SaveDC
DeleteDC
GetTextMetricsA
SetTextAlign
RectVisible
GetStockObject
GetDeviceCaps
SelectPalette
RestoreDC
CreateSolidBrush
DeleteObject
SetStretchBltMode
GetClipBox
CreateFontIndirectA
GetObjectA
CreatePen
SelectObject
CreateCompatibleDC
CreatePalette
PatBlt
LineTo
SetMapMode
SetTextColor

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Fedjkouo
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Vyta, Cj
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c56e9236b318f794121a6914f6419532

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 11KB - Virtual size: 11KB

Fedjkouo Size: 512B - Virtual size: 4KB

.rdata Size: 24KB - Virtual size: 24KB

Vyta, Cj Size: 512B - Virtual size: 4KB

.data Size: 101KB - Virtual size: 100KB

.rsrc Size: 29KB - Virtual size: 28KB

.text
Size: 11KB - Virtual size: 11KB

Fedjkouo
Size: 512B - Virtual size: 4KB

.rdata
Size: 24KB - Virtual size: 24KB

Vyta, Cj
Size: 512B - Virtual size: 4KB

.data
Size: 101KB - Virtual size: 100KB

.rsrc
Size: 29KB - Virtual size: 28KB