5c4048888c95ee85463be69a10046561377b49329ed6979fdc3225b3345853a3

Sharing

Copy URL Twitter E-mail

General

Target

5c4048888c95ee85463be69a10046561377b49329ed6979fdc3225b3345853a3
Size

243KB
MD5

80b6337b683fb6b9eda97eb786c256b0
SHA1

97b78432d6e19a23d58ee9be524c5d9fe86bcebe
SHA256

5c4048888c95ee85463be69a10046561377b49329ed6979fdc3225b3345853a3
SHA512

49012f7aecd75f38c2b70578daaa6ad0b8fb08df075c36c8d0d4e19a8ce557db3b78b6bf4547a54daac784595e3398336593a69bbf4dd0317dec7179ae592068
SSDEEP

6144:vPiI/QrVGALUeedEi2IK79yLzDYQ+FFuU:3iwQrc0e+iQ9OkFuU

Score

N/A

Malware Config

Signatures

Files

5c4048888c95ee85463be69a10046561377b49329ed6979fdc3225b3345853a3
.exe windows x86

7b9efe9dbc022dd123e423e0bec7719f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetPropW
FlashWindow
IsWindowVisible
EnumDesktopsW
EnumDisplaySettingsW
SendNotifyMessageW
BringWindowToTop

comdlg32

GetSaveFileNameW
PrintDlgA

urlmon

FindMediaTypeClass
CreateAsyncBindCtx
RegisterMediaTypeClass
FindMediaType
HlinkNavigateString

advapi32

AddAccessDeniedAce
RegDeleteKeyW
OpenSCManagerA
GetServiceKeyNameA
DuplicateTokenEx
AllocateLocallyUniqueId

kernel32

HeapSize
LCMapStringW
Sleep
HeapFree
IsValidCodePage
GetOEMCP
GetACP
MultiByteToWideChar
GetStringTypeW
HeapAlloc
HeapReAlloc
IsProcessorFeaturePresent
RtlUnwind
GetFileType
GetLastError
GetFileAttributesW
lstrcpyA
lstrcpyW
GetCommandLineA
HeapSetInformation
GetStartupInfoW
SetUnhandledExceptionFilter
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
GetCPInfo

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 207KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b9efe9dbc022dd123e423e0bec7719f

Headers

DLL Characteristics

File Characteristics

Imports

user32

comdlg32

urlmon

advapi32

kernel32

Sections

.text Size: 17KB - Virtual size: 17KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 7KB - Virtual size: 9KB

.rsrc Size: 207KB - Virtual size: 206KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 17KB - Virtual size: 17KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 7KB - Virtual size: 9KB

.rsrc
Size: 207KB - Virtual size: 206KB

.reloc
Size: 2KB - Virtual size: 1KB