48fe65a68cffab7e68254b0ae0f8ac981e6dfe0c97392a8dee93038b24ae9f13

Sharing

Copy URL Twitter E-mail

General

Target

48fe65a68cffab7e68254b0ae0f8ac981e6dfe0c97392a8dee93038b24ae9f13
Size

284KB
MD5

0ac78cf9fe86c957100d9806712e93f0
SHA1

934c37765e921745e32b366daf6f87605b474072
SHA256

48fe65a68cffab7e68254b0ae0f8ac981e6dfe0c97392a8dee93038b24ae9f13
SHA512

8b4b81613d02e0dcb6029421554623bba5b8d8ad3c4ede7a52ad9614507194eb25762f60cfca1a9b073616afc5e7f477c6fb3f23ce324a3e8d696a9a14d600b8
SSDEEP

6144:74XfA1QMzYvqHiSae9lX0YsR7C7VwOmJHLBbHB0wIdegcS1:UXfA1ZbaeDX0Yme7CF+wcegh

Score

N/A

Malware Config

Signatures

Files

48fe65a68cffab7e68254b0ae0f8ac981e6dfe0c97392a8dee93038b24ae9f13
.exe windows x86

1e043e027bb594d284b95d8734ee3425

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushConsoleInputBuffer
GetNamedPipeInfo
GetStringTypeExA
GlobalGetAtomNameW
TlsFree
InterlockedExchangeAdd
ReleaseMutex
SetVolumeLabelW
WriteProfileStringW
FoldStringW
WritePrivateProfileStringA
CreateFileA
lstrlenW
CopyFileExW
EscapeCommFunction
CreateWaitableTimerW
VirtualQueryEx
GetTapePosition
SetFileTime
MoveFileExW
_lopen
VirtualProtect
GetVersionExA
GetModuleHandleA
GetStdHandle
LocalSize
GetTimeZoneInformation
GetEnvironmentVariableW
GetTickCount
HeapFree
UnlockFile
PulseEvent
SearchPathA
GetEnvironmentVariableA
SetConsoleOutputCP
FreeEnvironmentStringsW
VirtualAllocEx
GetStartupInfoA

user32

GetMessagePos
GetSysColor
ShowWindowAsync
SendNotifyMessageA
SetDlgItemTextW
CharToOemW
GetDlgItemTextA
UpdateWindow
OpenInputDesktop
GetPropA
GetKeyNameTextA
GetForegroundWindow
ChangeDisplaySettingsW
ActivateKeyboardLayout
GetMenuItemInfoW
SendNotifyMessageW
GetCaretBlinkTime
EndDialog
CopyAcceleratorTableA
AppendMenuA
LoadCursorA
GetParent
FindWindowExW
BringWindowToTop
SystemParametersInfoW
GetMenuStringW
CreateCaret

gdi32

SetLayout
CreatePolygonRgn

advapi32

MapGenericMask
SetSecurityDescriptorDacl
GetServiceDisplayNameW
CryptCreateHash
GetNamedSecurityInfoW
ObjectCloseAuditAlarmA

shell32

SHFileOperationW
CommandLineToArgvW
SHGetPathFromIDListW
DuplicateIcon
SHGetSpecialFolderPathW
SHGetDesktopFolder

oleaut32

RegisterTypeLi
SysAllocString
LoadTypeLi
SafeArrayCreateVector
SafeArrayGetElement
DispGetIDsOfNames
VariantCopy
VariantChangeTypeEx

comctl32

ImageList_DragShowNolock
ImageList_GetDragImage

shlwapi

UrlGetPartW
SHSetThreadRef
SHOpenRegStream2W
PathGetArgsW
SHEnumValueW
StrTrimW
UrlGetPartA
PathSkipRootW
PathFileExistsW

setupapi

SetupDiDeleteDeviceInfo
SetupDiGetClassDevsExW
SetupDiGetDeviceInstanceIdA
SetupGetLineCountA
SetupOpenFileQueue
SetupDiGetDeviceInfoListDetailA

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

Sections

.text
Size: 272KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1e043e027bb594d284b95d8734ee3425

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

oleaut32

comctl32

shlwapi

setupapi

msvcrt

Sections

.text Size: 272KB - Virtual size: 268KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 2KB

.text
Size: 272KB - Virtual size: 268KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 2KB