4c6a0d18ab824c3c497a2b3a76a2672d7f288414ae2e132b28840fb5b7e901fd

Sharing

Copy URL Twitter E-mail

General

Target

4c6a0d18ab824c3c497a2b3a76a2672d7f288414ae2e132b28840fb5b7e901fd
Size

478KB
MD5

84e8e9909dbdb3a114ce00bdaa412acc
SHA1

94ecb31d66c8078e2016434bfa02f309a2e6affd
SHA256

4c6a0d18ab824c3c497a2b3a76a2672d7f288414ae2e132b28840fb5b7e901fd
SHA512

81be87410c863fa0563874fd92f123aa478ddcdc6cbbf98593f48e475ccf595bd7e95edbf4c06c5c505af7f7f1ff47c646fec8f5ef93eab8c5e59dc896dd191e
SSDEEP

12288:Gm+Ux2rVZSIaBZ64l4XLwMKR1zDRXIiPLot0LF/tCfAoD84IOA1S:GxLSbkL1kzBLtFlCf5dES

Score

N/A

Malware Config

Signatures

Files

4c6a0d18ab824c3c497a2b3a76a2672d7f288414ae2e132b28840fb5b7e901fd
.exe windows x86

4640e067a44d4fc7195deb3275c75762

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
SetHandleCount
LoadLibraryW
GetConsoleCP
GetFileType
WriteConsoleW
OutputDebugStringA
GetConsoleMode
VirtualFree
HeapReAlloc
VirtualAlloc
InitializeCriticalSectionAndSpinCount
SetFilePointer
FreeLibrary
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
LoadLibraryA
GetConsoleOutputCP
HeapSize
InitializeCriticalSection
InterlockedIncrement
SetEvent
GetProcAddress
HeapAlloc
CreateFileA
GetFileSize
GlobalAlloc
GlobalLock
ReadFile
GlobalUnlock
CloseHandle
MulDiv
VirtualQuery
CreateFileMappingA
MapViewOfFile
WideCharToMultiByte
DeviceIoControl
FormatMessageA
LocalFree
OpenProcess
GetCurrentThread
FindResourceA
LoadResource
Sleep
lstrcpyA
WriteFile
GetStdHandle
DebugBreak
SetLastError
TlsFree
GetCurrentThreadId
TlsSetValue
FlushFileBuffers
TlsAlloc
GetModuleHandleW
TlsGetValue
DeleteCriticalSection
EnterCriticalSection
LocalAlloc
WTSGetActiveConsoleSessionId
GetLastError
ExitProcess
GetStartupInfoA
LeaveCriticalSection
MultiByteToWideChar
lstrlenA
GetWindowsDirectoryA
GetModuleHandleA
OutputDebugStringW
HeapFree
GetProcessHeap
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsBadReadPtr
HeapValidate
GetCommandLineA
RtlUnwind
GetModuleFileNameW
IsDebuggerPresent
SetUnhandledExceptionFilter
InterlockedDecrement

user32

CreateWindowExA
SetWindowLongA
GetWindowLongA
DestroyWindow
GetDialogBaseUnits
SendMessageA
GetDlgItem
ReleaseDC
GetDC
SetWindowPos
BringWindowToTop
PostQuitMessage
DefWindowProcA
ShowWindow
LoadCursorA
LoadIconA
SetWindowTextA
LoadStringA
EnableMenuItem
GetWindow
EndPaint
GetParent
IsWindow
GetClassNameA
GetWindowTextA
GetSystemMetrics
IsDlgButtonChecked
MessageBoxW
InvalidateRect
IsWindowEnabled
BeginPaint
SetForegroundWindow
GetCursorInfo
GetIconInfo
GetCursorPos
ScreenToClient
DrawIcon
GetDesktopWindow
FillRect
SetRect
GetSysColor
CopyRect
DrawFrameControl
InflateRect
DrawFocusRect
CheckMenuItem
IsClipboardFormatAvailable
MessageBoxA
SendDlgItemMessageA
GetDlgItemTextA
GetClientRect
SwitchToThisWindow
DrawMenuBar

gdi32

CreateFontIndirectA
SetBkColor
Rectangle
GetDeviceCaps
CreateCompatibleDC
GetObjectA
GetDIBits
GetTextExtentPoint32A
SetTextJustification
CreateCompatibleBitmap
CreateMetaFileA
BitBlt
DeleteDC
CloseMetaFile
CreateSolidBrush
CreatePen
MoveToEx
ChoosePixelFormat
DescribePixelFormat
SetPixelFormat
SetDCPenColor
CreateRectRgnIndirect
SelectClipRgn
GetStockObject
SelectObject
GetTextMetricsA
TextOutA
CreateRectRgn
CombineRgn
DeleteObject
GetDeviceGammaRamp
GetEnhMetaFileDescriptionA
GetColorAdjustment
GetDCOrgEx
GetCharacterPlacementA
GetClipBox
LineTo

comdlg32

GetOpenFileNameA

advapi32

RegCloseKey
DuplicateTokenEx
RegQueryValueExA
CheckTokenMembership
AllocateAndInitializeSid
GetTokenInformation
OpenThreadToken
LogonUserA
LogonUserW
ImpersonateLoggedOnUser
OpenProcessToken
RegEnumKeyExA
RegOpenKeyExA
CreateProcessAsUserA

shell32

SHBrowseForFolderA
SHGetSpecialFolderLocation

ole32

CoCreateGuid
MkParseDisplayName
CreateBindCtx
CoCreateInstance
CoInitialize
CreateStreamOnHGlobal
StringFromGUID2

oleaut32

OleLoadPicturePath
SafeArrayCreateVector
SafeArrayAccessData
SysAllocString
SafeArrayDestroy
OleLoadPicture
VariantClear
VariantInit

odbc32

ord19
ord3
ord13
ord16
ord1
ord12
ord9
ord2
ord41
ord31

ws2_32

inet_addr
WSAStartup
WSASendTo
closesocket
WSAGetLastError
WSARecvFrom
bind
WSAHtonl
WSAHtons
ioctlsocket
WSASocketA

psapi

EnumProcesses
GetProcessImageFileNameA

msvfw32

MCIWndCreateA
GetOpenFileNamePreviewA

avifil32

AVIFileOpenA
AVIStreamGetFrameOpen

msimg32

TransparentBlt

shlwapi

ord176
PathStripToRootA

comctl32

ImageList_Create
ImageList_Add
ImageList_GetImageCount
InitCommonControlsEx

rpcrt4

UuidCreateSequential

imm32

ImmEscapeA

wtsapi32

WTSQueryUserToken

Sections

.text
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4640e067a44d4fc7195deb3275c75762

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

odbc32

ws2_32

psapi

msvfw32

avifil32

msimg32

shlwapi

comctl32

rpcrt4

imm32

wtsapi32

Sections

.text Size: 232KB - Virtual size: 231KB

.rdata Size: 80KB - Virtual size: 80KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 159KB - Virtual size: 158KB

.text
Size: 232KB - Virtual size: 231KB

.rdata
Size: 80KB - Virtual size: 80KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 159KB - Virtual size: 158KB