4a626ca169c59d4b0824925fddc760694d43bb461e45d79d411b5243f9bbc3ff

Sharing

Copy URL Twitter E-mail

General

Target

4a626ca169c59d4b0824925fddc760694d43bb461e45d79d411b5243f9bbc3ff
Size

526KB
MD5

76f90501eb2794c4667e9f414573a5eb
SHA1

9e95b4a36944943e965093dbd2dfcec2745817bd
SHA256

4a626ca169c59d4b0824925fddc760694d43bb461e45d79d411b5243f9bbc3ff
SHA512

f62341e8005fcbcfff587cd2657166c7f5119997f03ce27b7279606c920b59a35eb8ed225b38419bbfc66626f9410da97af916726202f72dbcfe78294bae2ce0
SSDEEP

6144:yCkKAhStbeEnumH8Ut+qglRIhABRwF9jskQGP96xWnebdNu/lmK7BfvVJPHpg/zw:yCbMStb9nD+qy1BRwnjDTsYlFEkL

Score

N/A

Malware Config

Signatures

Files

4a626ca169c59d4b0824925fddc760694d43bb461e45d79d411b5243f9bbc3ff
.exe windows x86

a63070ca667702d27423f3b268851d71

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdi32

CreateCompatibleBitmap
SelectObject
GetDeviceCaps
CreateSolidBrush

advapi32

RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
SetSecurityDescriptorOwner
OpenThreadToken
RegOpenKeyW
InitializeSecurityDescriptor
CopySid
RegDeleteKeyW
RegQueryValueExW
GetLengthSid

kernel32

QueryPerformanceFrequency
GetProcessWorkingSetSize
GetTickCount
MulDiv
GetProcAddress
SetWaitableTimer
InitializeCriticalSection
SetThreadExecutionState
VirtualFree
InterlockedDecrement
GetCurrentThread
lstrcpyW
InterlockedIncrement
VirtualAllocEx
CloseHandle
GlobalAddAtomW
ReleaseMutex
CreateWaitableTimerW
GlobalDeleteAtom
GetCurrentProcess
DeleteCriticalSection
LoadLibraryW
HeapAlloc
OpenEventW
UnmapViewOfFile
SetThreadPriority
ReadFile
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
VerifyVersionInfoW
SetPriorityClass
GetTickCount

hid

HidP_GetUsages
HidP_MaxUsageListLength
HidD_GetAttributes

atl

ord20
ord44
ord18
ord32
ord30
ord57

msvcrt

exit
malloc
_wfopen
__CxxFrameHandler
_vsnwprintf
??2@YAPAXI@Z
free
_CxxThrowException
wcstol
fputws
_exit
_wcmdln
_c_exit
_onexit
wcscpy
swscanf
__setusermatherr
wcsstr
fclose
_purecall
_itow
??3@YAXPAX@Z

ole32

CoInitializeEx
CoTaskMemAlloc
CoInitializeSecurity

user32

GetPropW
MoveWindow
GetMessageW
DispatchMessageW
CallWindowProcW
EnumDisplaySettingsW
UnregisterDeviceNotification
DefWindowProcW
RegisterWindowMessageW
ShowWindow
IsWindow
RegisterDeviceNotificationW
PtInRect
GetSysColorBrush
SetWindowLongW
GetAncestor
CharNextW
UpdateLayeredWindow
DestroyWindow
GetSysColor
GetWindowLongW
MonitorFromWindow
GetUserObjectInformationW
OpenInputDesktop
LoadImageW
EnumDisplayMonitors
DestroyIcon
ClientToScreen
MonitorFromPoint
GetDoubleClickTime
SystemParametersInfoW

setupapi

SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiOpenDevRegKey

Sections

.text
Size: 367KB - Virtual size: 367KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a63070ca667702d27423f3b268851d71

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

advapi32

kernel32

hid

atl

msvcrt

ole32

user32

setupapi

Sections

.text Size: 367KB - Virtual size: 367KB

.data Size: 149KB - Virtual size: 149KB

.rsrc Size: 9KB - Virtual size: 204KB

.text
Size: 367KB - Virtual size: 367KB

.data
Size: 149KB - Virtual size: 149KB

.rsrc
Size: 9KB - Virtual size: 204KB