50651bc3b776a2636608cf3d6e2ee64e43842e7b2a26f783b3c3ab9b58e1c699

Sharing

Copy URL Twitter E-mail

General

Target

50651bc3b776a2636608cf3d6e2ee64e43842e7b2a26f783b3c3ab9b58e1c699
Size

1.0MB
MD5

48feb8d264745608903de47dc0452f80
SHA1

f1454ae845fc9ac29fb0dac1428f611f4e77949f
SHA256

50651bc3b776a2636608cf3d6e2ee64e43842e7b2a26f783b3c3ab9b58e1c699
SHA512

83dbc7e519387da37d20094738160d2ea87917d1ceda48335063589fb78c21792060785f6271065d79428a0bdaf657f86e9e6d34e9f7c18903359e692d52a915
SSDEEP

12288:jz32M1uJFaQvSR+AcSv6iH6nbGNBByN4JCrX6IveDuUltYeDuUlREq/ba:Hx1uJFaQaR+gvbHbBy9vjVc

Score

N/A

Malware Config

Signatures

Files

50651bc3b776a2636608cf3d6e2ee64e43842e7b2a26f783b3c3ab9b58e1c699
.exe windows x86

895e9469c3cc5540fa2a65f2a481ceda

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetGetConnectionA
WNetCancelConnection2A

kernel32

GetSystemTime
SetEnvironmentVariableA
CompareStringW
LeaveCriticalSection
EnterCriticalSection
GetLastError
GetDriveTypeA
GetModuleHandleA
CloseHandle
GetCurrentProcess
GetTickCount
GetTempPathA
GetSystemDirectoryA
SetLastError
GetWindowsDirectoryA
GetFileAttributesA
FindClose
FindNextFileA
lstrcmpA
FindFirstFileA
GetPrivateProfileStringA
MultiByteToWideChar
lstrlenA
GetFullPathNameA
GetModuleFileNameA
GetCurrentDirectoryA
GlobalAddAtomA
GlobalDeleteAtom
GetCurrentThreadId
LoadLibraryA
FreeLibrary
GetProcAddress
LockResource
LoadResource
FindResourceExA
FindResourceA
GetLogicalDrives
GetShortPathNameA
TerminateProcess
OpenProcess
WaitForSingleObject
ResumeThread
DeleteFileA
RemoveDirectoryA
SetFileAttributesA
Sleep
WritePrivateProfileSectionA
GetPrivateProfileSectionA
MoveFileExA
GlobalGetAtomNameA
CreateProcessA
GetUserDefaultLangID
CopyFileA
GetCommandLineA
CreateMutexA
GetVersionExA
LocalFree
FormatMessageA
GetSystemDefaultLangID
GetFileSize
CreateFileA
InitializeCriticalSection
DeleteCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
OutputDebugStringA
WriteFile
CreateThread
OpenMutexA
ReleaseMutex
CreateEventA
SetEvent
GetEnvironmentVariableA
GetLocaleInfoA
WideCharToMultiByte
MoveFileA
CompareFileTime
GetFileTime
OpenFile
WritePrivateProfileStringA
HeapAlloc
GetProcessHeap
HeapFree
GlobalFree
GlobalAlloc
GetExitCodeProcess
GetStartupInfoA
FlushFileBuffers
lstrcatA
LocalAlloc
InterlockedExchange
RaiseException
InterlockedDecrement
GlobalUnlock
GlobalLock
lstrcpyA
GlobalFindAtomA
lstrcmpiA
GetVersion
InterlockedIncrement
lstrlenW
MulDiv
DuplicateHandle
ReadFile
SetFilePointer
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationA
lstrcpynA
GetThreadLocale
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCurrentThread
SetThreadPriority
SuspendThread
GlobalFlags
GetProcessVersion
GetCPInfo
GetOEMCP
SetErrorMode
RtlUnwind
GetTimeZoneInformation
CompareStringA
GetLocalTime
ExitProcess
IsBadReadPtr
ExitThread
GetACP
SetStdHandle
GetFileType
HeapReAlloc
HeapSize
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
SetUnhandledExceptionFilter
IsBadCodePtr

oledlg

ord8

ole32

OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject

olepro32

ord253

oleaut32

SysStringLen
VariantChangeType
SysAllocStringByteLen
VariantCopy
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
VariantTimeToSystemTime
SysFreeString
SysAllocString
SysAllocStringLen
VariantClear

Sections

.text
Size: 408KB - Virtual size: 406KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 400KB - Virtual size: 398KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

:'"
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

895e9469c3cc5540fa2a65f2a481ceda

Headers

File Characteristics

Imports

mpr

kernel32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 408KB - Virtual size: 406KB

.rdata Size: 84KB - Virtual size: 82KB

.data Size: 60KB - Virtual size: 138KB

.rsrc Size: 400KB - Virtual size: 398KB

:'" Size: 84KB - Virtual size: 84KB

.text
Size: 408KB - Virtual size: 406KB

.rdata
Size: 84KB - Virtual size: 82KB

.data
Size: 60KB - Virtual size: 138KB

.rsrc
Size: 400KB - Virtual size: 398KB

:'"
Size: 84KB - Virtual size: 84KB