4915fbd1d3fcc3872beee8d5ef7ed33c389aad16943d48758f32a9ec24642cf7

Sharing

Copy URL Twitter E-mail

General

Target

4915fbd1d3fcc3872beee8d5ef7ed33c389aad16943d48758f32a9ec24642cf7
Size

395KB
MD5

80c52ec792370384b08c14f780a1ef30
SHA1

905a026fb4b6733fe7b9defab70877785d142f89
SHA256

4915fbd1d3fcc3872beee8d5ef7ed33c389aad16943d48758f32a9ec24642cf7
SHA512

146cb3eced03e06b5d278cc0a6cf7eafaed8a57e232f1c4685a12c9e1fd66536b4ab552cd4db68db04932bd2ded2dcb3100817eecf71d549825ea25f1001050b
SSDEEP

6144:U5kWt7DZDIPJ4VnzclGFIw7pL9/Ejqiw/faXb26pu1HegWbTRaPI5Tu9z14jT+:U5vDyBSzdOqiwub2601+gWp9u9zQi

Score

N/A

Malware Config

Signatures

Files

4915fbd1d3fcc3872beee8d5ef7ed33c389aad16943d48758f32a9ec24642cf7
.exe windows x86

476a8f9198abec9899cbda7c2453f3bd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetCurrentProcessId
HeapLock
GetSystemDefaultUILanguage
SetCurrentDirectoryA
GetEnvironmentStringsA
SleepEx
SetThreadExecutionState
GetStringTypeA
CreateFileA
MapViewOfFile
lstrcatA
InterlockedPopEntrySList
InterlockedPushEntrySList
TerminateThread
CreateNamedPipeA
ExpandEnvironmentStringsA
RtlFillMemory
GetSystemDefaultLCID
SetFilePointer
InitializeCriticalSection
SystemTimeToFileTime
DecodePointer
CreateFileMappingA
WriteFileGather
WriteFile
SetThreadAffinityMask
GetLocalTime
FreeEnvironmentStringsA
GetUserDefaultUILanguage
GetNamedPipeInfo
ReadFile
GetSystemDefaultLangID
GetCurrentProcess
ResumeThread
PeekNamedPipe
RegisterWaitForSingleObject
VirtualAllocEx
GetUserDefaultLangID
EnumSystemLanguageGroupsA
HeapSummary
CopyFileA
CreateThread
GetThreadSelectorEntry
UnmapViewOfFile
CreateMutexA
IsValidLocale
EnterCriticalSection
SetLastError
RegisterWaitForInputIdle
LeaveCriticalSection
GetFileAttributesA
InterlockedExchangeAdd
lstrlenW
TransactNamedPipe
GetSystemTime
InterlockedFlushSList
IsBadStringPtrA
HeapValidate
HeapFree
RegisterWaitForSingleObjectEx
DeleteFileA
EncodePointer
CallNamedPipeA
lstrcmpiA
MapViewOfFileEx
lstrcmpiW
FileTimeToLocalFileTime
ConvertDefaultLocale
InterlockedExchange
ConnectNamedPipe
lstrcpynW
GetSystemTimes
RtlZeroMemory
GetTickCount
lstrcmpA
GetLocaleInfoA
CopyFileExA
WaitForSingleObject
GetFileTime
RtlMoveMemory
HeapAlloc
EnumLanguageGroupLocalesA
HeapCreate
HeapSize
SetThreadUILanguage
HeapWalk
SuspendThread
HeapDestroy
OpenThread
WaitForSingleObject
SetThreadIdealProcessor

advapi32

RegOpenKeyExA
RegCreateKeyW
RegQueryValueExW
RegFlushKey
RegQueryValueExA

msvcrt

_controlfp
srand
__set_app_type
_except_handler3
_adjust_fdiv
isdigit
_initterm
__p__commode

user32

ReleaseDC
GetMessageW
SetCursor
SetWindowTextW
wsprintfW
SendMessageW
SystemParametersInfoW
RegisterClassW
ShowCursor
GetDlgItem
MessageBoxW
GetMenu
LoadCursorW
EnableMenuItem
UpdateWindow
LoadStringW
ReleaseCapture
MessageBeep
EndDialog

Sections

.text
Size: 243KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

476a8f9198abec9899cbda7c2453f3bd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

msvcrt

user32

Sections

.text Size: 243KB - Virtual size: 243KB

.data Size: 142KB - Virtual size: 141KB

.rsrc Size: 9KB - Virtual size: 368KB

.text
Size: 243KB - Virtual size: 243KB

.data
Size: 142KB - Virtual size: 141KB

.rsrc
Size: 9KB - Virtual size: 368KB