4d59710eb92bbc838ef4eccb0a8a69632724ab67e3ad675aed71c3159ce26b25

Sharing

Copy URL Twitter E-mail

General

Target

4d59710eb92bbc838ef4eccb0a8a69632724ab67e3ad675aed71c3159ce26b25
Size

488KB
MD5

066f376ec704269b3203058129e40c46
SHA1

61dcde54c0c9b46b9c59511cddd8db7a9df06e5f
SHA256

4d59710eb92bbc838ef4eccb0a8a69632724ab67e3ad675aed71c3159ce26b25
SHA512

875a0886d66819c6d712209e88f2be32cafaf83b0a847a199450a6b180ed55ec1e3aee3b53f5360a2a2620e43ec39066d4e7da60f24e0aaa9f9441c32a603052
SSDEEP

6144:I4LdvRXf3vQGxYVJwaISwS7vuIsCdEETkYZEscWHmMsMUZayrg8cOUoNzI:IOXPYGTalwEsiEQhUMsL8y7cOUa

Score

N/A

Malware Config

Signatures

Files

4d59710eb92bbc838ef4eccb0a8a69632724ab67e3ad675aed71c3159ce26b25
.exe windows x86

fd41779323ba20461276ba64c6f79f7e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GlobalHandle
GlobalAlloc
MulDiv
LeaveCriticalSection
lstrlenW
EnterCriticalSection
SetEvent
GlobalFree
Sleep
LocalAlloc
InterlockedDecrement
GetCurrentProcessId
ResetEvent
CloseHandle
WaitForSingleObject
DeleteCriticalSection
WaitForMultipleObjects
CreateThread
GlobalReAlloc
GetModuleHandleW
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetSystemInfo
lstrcmpiW
GetCurrentProcess
IsWow64Process
GetLastError
SetLastError
LocalFree
GetUserDefaultLangID
GetDriveTypeW
FreeLibrary
LoadLibraryW
GetProcAddress
GlobalLock
GetModuleFileNameW
SetErrorMode
GetCurrentThreadId
InitializeCriticalSection
CreateEventW
VirtualAlloc

shlwapi

PathCombineW
PathFileExistsW
PathAddBackslashW
SHSetValueW
StrToIntW
PathParseIconLocationW
StrRetToStrW

user32

DdeDisconnect
TranslateAccelerator
LoadStringA

uniplat

StopMonitorThread
SyncDeviceIoControl

adsnt

DllCanUnloadNow

dbnmpntw

ConnectionWriteOOB
ConnectionVer

colbact

DllGetClassObject
GetDefaultPartitionForSid

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 377KB - Virtual size: 377KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd41779323ba20461276ba64c6f79f7e

Headers

File Characteristics

Imports

kernel32

shlwapi

user32

uniplat

adsnt

dbnmpntw

colbact

Sections

.text Size: 78KB - Virtual size: 78KB

.rdata Size: 377KB - Virtual size: 377KB

.data Size: 24KB - Virtual size: 321KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 78KB - Virtual size: 78KB

.rdata
Size: 377KB - Virtual size: 377KB

.data
Size: 24KB - Virtual size: 321KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 4KB - Virtual size: 3KB