Static task: static1
Behavioral task: behavioral1
Sample: 4e042eeb4d6607a5936a3a7b6e555a0f2dd64e68327e3fe3ac9fcbf8d19272a1.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 4e042eeb4d6607a5936a3a7b6e555a0f2dd64e68327e3fe3ac9fcbf8d19272a1.exe
Resource: win10v2004-20220812-en
General
Target: 4e042eeb4d6607a5936a3a7b6e555a0f2dd64e68327e3fe3ac9fcbf8d19272a1
Size: 291KB
MD5: 96c2d27d5974e11e60a574bf8f04cb10
SHA1: 4a285fc852fc4400495af92f5142dbc7ea452192
SHA256: 4e042eeb4d6607a5936a3a7b6e555a0f2dd64e68327e3fe3ac9fcbf8d19272a1
SHA512: 795f47e58fde9c08a7c17916a16b6b15e6a768e3df3aa3097ca87729925bb7bedd47e1abbe9cd343a031fb7591bceaab4727b3efdebb912af178ed90dfb23e88
SSDEEP: 6144:1vspI4BDe2fNc5XZAL17lGr/pOUwsnnQ6Em2A7BxZf/I:BsO4BtSALFlG7pOUwsnTT2GxZHI
Malware Config
Signatures
Files
4e042eeb4d6607a5936a3a7b6e555a0f2dd64e68327e3fe3ac9fcbf8d19272a1.exe windows x86
46fbe5937052b10fee52f6ebbcb891da
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
userenv
UnloadUserProfile
ole32
StringFromGUID2
CoRevertToSelf
CoImpersonateClient
CoTaskMemRealloc
ProgIDFromCLSID
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
oleaut32
SysAllocStringByteLen
VarUI4FromStr
SafeArrayLock
SafeArrayCreate
SafeArrayGetVartype
SysStringByteLen
RegisterTypeLi
SafeArrayDestroy
SetErrorInfo
SysStringLen
SysAllocString
VariantInit
VarCmp
SafeArrayUnlock
LoadTypeLi
LoadRegTypeLi
SafeArrayCopy
SysAllocStringLen
SafeArrayGetUBound
SafeArrayRedim
VarBstrCmp
CreateErrorInfo
SysFreeString
SafeArrayGetLBound
VariantCopy
VariantClear
VariantChangeType
UnRegisterTypeLi
VariantCopyInd
kernel32
LoadLibraryExW
CreateEventW
GetThreadLocale
LeaveCriticalSection
GetCurrentThreadId
HeapFree
GetACP
SizeofResource
FindResourceW
IsDebuggerPresent
UnhandledExceptionFilter
GetModuleHandleW
GetSystemTimeAsFileTime
FindResourceExW
lstrlenW
LoadResource
FreeLibrary
HeapSize
ResetEvent
GetProcessHeap
LocalFree
DeleteCriticalSection
EnterCriticalSection
LockResource
SetUnhandledExceptionFilter
RaiseException
HeapReAlloc
HeapDestroy
FormatMessageW
CloseHandle
lstrcmpiW
HeapAlloc
SetThreadLocale
CompareFileTime
VirtualAllocEx
advapi32
RegCloseKey
GetSecurityDescriptorControl
RegOpenKeyExW
MakeSelfRelativeSD
InitializeSid
GetLengthSid
SetSecurityDescriptorOwner
GetSecurityDescriptorLength
GetSecurityDescriptorSacl
GetAclInformation
GetSidSubAuthorityCount
InitializeSecurityDescriptor
InitializeAcl
IsValidSid
RegQueryInfoKeyW
GetTokenInformation
OpenProcessToken
GetSecurityDescriptorGroup
RegSetValueExW
ConvertStringSidToSidW
CopySid
RegEnumKeyExW
RegDeleteValueW
OpenThreadToken
GetSecurityDescriptorDacl
RegCreateKeyExW
EqualSid
LookupAccountSidW
SetSecurityDescriptorDacl
AddAce
ConvertSidToStringSidW
MakeAbsoluteSD
GetSidLengthRequired
GetSecurityDescriptorOwner
GetSidSubAuthority
RegDeleteKeyW
user32
UnregisterClassA
CharNextW
LoadStringW
wsprintfW
comctl32
ImageList_LoadImageW
ImageList_SetBkColor
InitCommonControls
ImageList_EndDrag
DrawStatusTextA
GetMUILanguage
ImageList_Add
ImageList_GetFlags
CreatePropertySheetPageW
certcli
CAFindByCertType
CAGetCertTypeExtensionsEx
CACertTypeGetSecurity
CAAddCACertificateType
CACreateLocalAutoEnrollmentObject
CAEnumNextCA
CAUpdateCertType
CASetCASecurity
Sections
.text Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 266KB - Virtual size: 749KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ