4de9651b7ff1a3e5bd36fe3729566f4469288c460c03abd843dc2f305c4b61e3

Sharing

Copy URL Twitter E-mail

General

Target

4de9651b7ff1a3e5bd36fe3729566f4469288c460c03abd843dc2f305c4b61e3
Size

676KB
MD5

4895174e5eac0b4fbcc8bf0b4c8f7000
SHA1

1c89dfecde76f208c90f71c6da17eb57963b395b
SHA256

4de9651b7ff1a3e5bd36fe3729566f4469288c460c03abd843dc2f305c4b61e3
SHA512

164c4b58c1c1b6c00e65aca2179682cf171f587e6cad7ee13994499a05f3df78467dbe798605f4c8bb758497a66c366593adbad54a45e540fde77449576c1cc3
SSDEEP

12288:Mi0cIMZhSDjYq2BHeq0eX690QnMmmw+m2cztQ6Ps0:MiLIzDE/BH+eY0nb7c3s0

Score

N/A

Malware Config

Signatures

Files

4de9651b7ff1a3e5bd36fe3729566f4469288c460c03abd843dc2f305c4b61e3
.exe windows x86

3377f1157384290c40dd6067aa787bd1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
LocalFree
RaiseException
FreeEnvironmentStringsA
GetLogicalDrives
InterlockedExchange
ReadFile
GetTempPathW
lstrcmpA
GetTimeZoneInformation
lstrcmpiA
LockResource
lstrcpynA
WriteFile
GetSystemTime
CreateProcessW
FreeEnvironmentStringsW
SetErrorMode
SetEvent
SetUnhandledExceptionFilter
GetCommandLineA
lstrlenA
EnumSystemLocalesA
SetEnvironmentVariableA
GlobalDeleteAtom
GetStartupInfoA
GetStdHandle
DeleteCriticalSection
GetLocalTime
SetFileTime
IsBadWritePtr
GetLocaleInfoW
VirtualFree
HeapSize
GetSystemDirectoryA
GetDateFormatA
LCMapStringW
GetSystemTimeAsFileTime
MultiByteToWideChar
FormatMessageW
GetProcAddress
HeapAlloc
CreateMutexA
ExitProcess
SetCurrentDirectoryA
MulDiv
FileTimeToLocalFileTime
VirtualAlloc
SetThreadPriority
FormatMessageA
CreateProcessA
MapViewOfFile
SetHandleCount
GetFileSize
GetModuleFileNameA
FileTimeToSystemTime
ResumeThread
SetConsoleCtrlHandler
SetFileAttributesA
VirtualQuery
SetEndOfFile
EnterCriticalSection
FreeLibrary
CloseHandle
SetFilePointer
GetTimeFormatA
CompareStringA
GetExitCodeProcess
DeleteFileA
GetThreadLocale
TerminateProcess
GetCurrentDirectoryA
FreeResource
GetStringTypeA
GetLocaleInfoA
GetFileAttributesA
Sleep
GetVersion
GetCurrentProcessId
UnhandledExceptionFilter
WriteConsoleW
LoadResource
FindNextFileA
CreateDirectoryW
FlushFileBuffers
GetTempFileNameA
HeapCreate
LocalReAlloc
CreateFileA
GetACP
GlobalLock
IsValidLocale
TlsSetValue
DuplicateHandle
GetEnvironmentStrings
InterlockedIncrement
lstrcmpW
HeapFree
IsDebuggerPresent
GetFileTime
WaitForSingleObject
HeapDestroy
TlsGetValue
GetFullPathNameA
LeaveCriticalSection
GlobalSize
LCMapStringA
GlobalUnlock
WriteConsoleA
FindFirstFileA
TlsFree
GetDriveTypeA
GetModuleFileNameW
CreateDirectoryA
GetTempPathA
GetEnvironmentStringsW
GetCurrentThreadId
SizeofResource
VirtualProtect
CopyFileW
InterlockedDecrement
GetCurrentThread
GetCPInfo
GlobalFree
GlobalHandle
GetStringTypeW
SystemTimeToFileTime
WideCharToMultiByte
SuspendThread
SetLastError
RtlUnwind
GetProcessHeap
MoveFileW
HeapReAlloc
GetTickCount
InitializeCriticalSection
FindClose
GetModuleHandleA
ExitThread
GetOEMCP
FatalAppExitA
GetLastError
GlobalAlloc
GetUserDefaultLCID
LoadLibraryA
CompareStringW
SetStdHandle
CreateThread
GetFileType
LocalFileTimeToFileTime
GetVersionExA
GetSystemDefaultLangID
TlsAlloc
QueryPerformanceCounter
IsValidCodePage
lstrlenW

advapi32

RegOpenKeyExA
CryptEncrypt
GetFileSecurityA
RegDeleteValueA
RegCreateKeyA
CryptReleaseContext
CryptDecrypt
RegSetValueExA
CryptCreateHash
CryptAcquireContextA
RegOpenKeyA
RegQueryInfoKeyA
RegCloseKey
CryptDestroyKey
RegSetValueA
SetFileSecurityA
RegEnumKeyA
RegDeleteKeyA
RegQueryValueExA
RegQueryValueA
RegCreateKeyExA
RegEnumKeyExA
CryptHashData
GetUserNameA
CryptDestroyHash
RegEnumValueA
CryptDeriveKey

comctl32

ImageList_AddMasked
ImageList_Draw
ord17
ImageList_GetImageInfo
ImageList_GetIconSize

winspool.drv

ord204
OpenPrinterA

user32

TrackPopupMenu
GetForegroundWindow
MessageBeep
CharNextA
InflateRect
SetCapture
DrawTextExA
DrawEdge
SetWindowRgn
RegisterWindowMessageA
TranslateAcceleratorA
ShowCaret
IsZoomed
IsWindowEnabled
GetMenuStringA
PtInRect
AdjustWindowRectEx
VkKeyScanA
GetMenuItemCount
SystemParametersInfoA
ShowWindow
FindWindowA
CreateWindowExA
MoveWindow
GetWindowRect
InvalidateRgn
KillTimer
GetMessagePos
DefWindowProcA
PeekMessageA
SetWindowTextA
RegisterClassA
DeferWindowPos
GetMenuItemID
ShowScrollBar
DestroyWindow
PostMessageA
DeleteMenu
LoadCursorA
GetParent
DrawFocusRect
GetFocus
IsMenu
LoadBitmapA
GetSubMenu
DrawIcon
ModifyMenuA
GetMessageTime
SetRectEmpty
PostQuitMessage
RegisterClassExA
AppendMenuA
GetCursorPos
SetTimer
IntersectRect
PostThreadMessageA
GetKeyState
DispatchMessageA
GetKeyNameTextA
GetWindowThreadProcessId
GetCapture
SetCursor
MessageBoxA
FillRect
GetWindow
LoadStringA
TranslateMessage
GetSystemMenu
CopyIcon
CharUpperBuffA
ValidateRect
CloseClipboard
GetWindowPlacement
GetClassNameA
CharUpperA
UpdateWindow
SetMenuDefaultItem
IsWindowVisible
WaitMessage
GetMenuState
GetDesktopWindow
CopyRect
EnableMenuItem
SetWindowLongA
CreateDialogIndirectParamA
MapDialogRect
GetMessageA
RegisterClipboardFormatA
RemovePropA

ole32

OleLockRunning
CoTaskMemFree
StgOpenStorageOnILockBytes
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
ReleaseStgMedium
CoUninitialize
CoRevokeClassObject
CoCreateInstance
CoTaskMemRealloc
RevokeDragDrop
CoGetClassObject
OleInitialize
CoTaskMemAlloc
CoLockObjectExternal
CoInitialize

urlmon

CoInternetGetSession

shell32

SHGetFolderPathW
SHGetSpecialFolderPathW
SHGetFileInfoW
DragFinish
SHGetPathFromIDListW
SHGetMalloc
SHFileOperationW
ord155
Shell_NotifyIconW
ShellExecuteW
SHBrowseForFolderW
DragQueryFileW
DragAcceptFiles
ShellExecuteExW

mfc42

ord1576

oleaut32

LoadTypeLi

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 452KB - Virtual size: 450KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3377f1157384290c40dd6067aa787bd1

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

winspool.drv

user32

ole32

urlmon

shell32

mfc42

oleaut32

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 452KB - Virtual size: 450KB

.data Size: 96KB - Virtual size: 119KB

.rsrc Size: 48KB - Virtual size: 46KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 452KB - Virtual size: 450KB

.data
Size: 96KB - Virtual size: 119KB

.rsrc
Size: 48KB - Virtual size: 46KB