4fc9707f874a339c86daff9d5a466808663485a377fe9b47afe1fc931a624a48

Sharing

Copy URL Twitter E-mail

General

Target

4fc9707f874a339c86daff9d5a466808663485a377fe9b47afe1fc931a624a48
Size

99KB
MD5

5fddc3142614633232f8b0dd1e303e2a
SHA1

c6f71d0578ac95f4ca9917d8eb2d6a08f237bada
SHA256

4fc9707f874a339c86daff9d5a466808663485a377fe9b47afe1fc931a624a48
SHA512

4dcbdd9b4d0e63ad96fdde58bbad54a74f30b5b1b8346a022929676d1b0ca30c02afbe29671cfa08d2df86ffc0657bb031397abd1f51bb6ac66dd5b80f1ac283
SSDEEP

1536:OZxZpsahghF7EsgwZmlSmheqmlJQa3cjIlDVgyusIxKAfMXQ79:OZPpJg3E8Z+JheqC/plxgPjB179

Score

N/A

Malware Config

Signatures

Files

4fc9707f874a339c86daff9d5a466808663485a377fe9b47afe1fc931a624a48
.exe windows x86

d08dafd82c5e72e88ba46a2e6df9ca1d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetDateFormatA
GetEnvironmentStrings
VirtualProtect
GetConsoleMode
GlobalHandle
GetModuleHandleA
CopyFileA
GlobalUnlock
IsDebuggerPresent
GlobalFree
GetUserDefaultLCID
GetStartupInfoA
GetFileType
GetThreadLocale
SetUnhandledExceptionFilter

user32

GetSysColor
SendMessageA
DrawTextA
GetDCEx
GetParent
SetTimer
DestroyMenu
GetWindowThreadProcessId
RemoveMenu
CallNextHookEx

msvcrt

putchar
sqrt
_except_handler3
__setusermatherr
__p__fmode
__getmainargs
_initterm
__set_app_type
exit
strtok
__p__commode
_XcptFilter
fread
_adjust_fdiv
longjmp
_acmdln

ole32

CoRegisterClassObject
OleInitialize
CLSIDFromString
OleRun
CoRegisterMessageFilter
OleGetClipboard

shell32

SHGetDesktopFolder
SHAddToRecentDocs
SHFileOperationW
ShellExecuteExW
SHBindToParent
ShellExecuteExA
SHGetSpecialFolderLocation
FindExecutableW
SHAppBarMessage
ExtractIconW

comctl32

PropertySheetW
ImageList_BeginDrag
InitializeFlatSB
ImageList_GetBkColor
ImageList_GetImageCount
ImageList_Create
ImageList_SetIconSize

advapi32

AdjustTokenPrivileges
CryptGenRandom
CopySid
RegQueryValueA
CheckTokenMembership
SetSecurityDescriptorGroup
OpenProcessToken
GetUserNameA

oleaut32

SafeArrayPutElement
CreateErrorInfo
LoadTypeLib
SafeArrayPtrOfIndex
VariantCopy
SysAllocStringByteLen
SysStringByteLen
GetActiveObject

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d08dafd82c5e72e88ba46a2e6df9ca1d

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

ole32

shell32

comctl32

advapi32

oleaut32

Sections

.text Size: 68KB - Virtual size: 68KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 68KB - Virtual size: 68KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 25KB - Virtual size: 25KB