4cf3c9082dde186ed5e7587e54ba445e0e64d1b0033a1ca72b366296b4d0b59d

Sharing

Copy URL Twitter E-mail

General

Target

4cf3c9082dde186ed5e7587e54ba445e0e64d1b0033a1ca72b366296b4d0b59d
Size

64KB
MD5

0b887e05a0c766ea2a51175113ac3468
SHA1

782d6137da113938a1eb563a331a87b0e69901d1
SHA256

4cf3c9082dde186ed5e7587e54ba445e0e64d1b0033a1ca72b366296b4d0b59d
SHA512

ddebca29c4a3bd195673e8b22cda8b10f0eb2e4738de3e3d143192f3481aa00498467b1815356dd6aa0070d8146cf4d6dad848d31f0307b500478ce9290f30d4
SSDEEP

768:rr1jxPT4w5PIEg6naaijMk9+15o9ZsGcuJ9hMhfp71fsfil5irQAgV+RDU:/1R4AP9g6najAvoZcph3fsfil5i6+

Score

N/A

Malware Config

Signatures

Files

4cf3c9082dde186ed5e7587e54ba445e0e64d1b0033a1ca72b366296b4d0b59d
.exe windows x86

09d8bb5ad4d60e2d53482a74fb76b836

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
WriteFile
ReadFile
GetFileSize
GetModuleFileNameA
OpenEventA
GetTickCount
SetErrorMode
CreateMutexA
CopyFileA
GetSystemTime
GetCurrentThreadId
SetFileTime
GetCurrentProcess
SystemTimeToFileTime
GetSystemDirectoryA
GetStartupInfoA
CreatePipe
DisconnectNamedPipe
TerminateProcess
LocalFree
LocalAlloc
PeekNamedPipe
WaitForMultipleObjects
lstrcmpiA
RaiseException
FreeLibrary
GetModuleHandleA
GetSystemInfo
GlobalMemoryStatus
lstrcatA
DeleteFileA
MoveFileA
CreateToolhelp32Snapshot
Process32First
Process32Next
TerminateThread
lstrcpyA
GetVersionExA
lstrlenA
LoadLibraryA
GetProcAddress
WinExec
CreateProcessA
GetFileAttributesA
GetLastError
InitializeCriticalSection
Sleep
CancelIo
InterlockedExchange
SetEvent
ResetEvent
WaitForSingleObject
CloseHandle
CreateEventA
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
VirtualFree
DeleteCriticalSection
LocalFileTimeToFileTime

user32

GetMessageA
PostThreadMessageA
GetInputState
CloseDesktop
SetThreadDesktop
OpenInputDesktop
GetUserObjectInformationA
GetProcessWindowStation
OpenDesktopA
ExitWindowsEx
GetWindowTextA
IsWindowVisible
OpenWindowStationA
wsprintfA
EnumWindows
GetThreadDesktop
SetProcessWindowStation

advapi32

DeleteService
RegCreateKeyExA
RegSetValueExA
RegCloseKey
OpenSCManagerA
OpenServiceA
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExA
RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyA
SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
StartServiceA
CreateServiceA

msvcrt

_except_handler3
_strupr
_strnicmp
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
??3@YAXPAX@Z
memcpy
memmove
ceil
_ftol
strlen
strstr
__CxxFrameHandler
memset
??2@YAPAXI@Z
memcmp
_CxxThrowException
strrchr
malloc
atoi
strcat
free
strcpy
strchr
exit
_strcmpi
strncat
_beginthreadex
calloc
??1type_info@@UAE@XZ
_exit
_XcptFilter

urlmon

URLDownloadToFileA

wininet

InternetCloseHandle
InternetReadFile
InternetOpenA
InternetOpenUrlA

avicap32

capGetDriverDescriptionA

Sections

.data
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

09d8bb5ad4d60e2d53482a74fb76b836

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

urlmon

wininet

avicap32

Sections

.data Size: 56KB - Virtual size: 55KB

.rsrc Size: 4KB - Virtual size: 32KB

.data
Size: 56KB - Virtual size: 55KB

.rsrc
Size: 4KB - Virtual size: 32KB