4dbaf54f29e432a16ab267b388c6a9cabd002549c8309e52974dae004794a0db

Sharing

Copy URL Twitter E-mail

General

Target

4dbaf54f29e432a16ab267b388c6a9cabd002549c8309e52974dae004794a0db
Size

734KB
MD5

f55663305088f33b013c5a86bc9520a6
SHA1

f56d8cc6ff388c41e8f836d7762414c91b01e9e7
SHA256

4dbaf54f29e432a16ab267b388c6a9cabd002549c8309e52974dae004794a0db
SHA512

a193064968e2b028f056ce9b3abfc7f1a7d3b0666ea2a6141f5bd43bb287c350c3c6c9ff60be73ef1161e2c172d9b87a53590ae0f9ac52b2227927a667c2fbc1
SSDEEP

12288:O09ooTqjSyVuzbJM8aY3lYDY9oNAlBnYAyARaTMApZtOoRL+I7qFPgEN8xmWOmZ4:O0ODj8dms+DYyNAlBnfhPG/RLv7IP9NZ

Score

N/A

Malware Config

Signatures

Files

4dbaf54f29e432a16ab267b388c6a9cabd002549c8309e52974dae004794a0db
.exe windows x86

2da95846c0db382a660ec5c77c57cbe5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_SYSTEM
IMAGE_FILE_UP_SYSTEM_ONLY

Imports

kernel32

FlushFileBuffers
GetStringTypeW
LCMapStringW
WriteConsoleW
SetStdHandle
HeapReAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
IsProcessorFeaturePresent
HeapSize
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
LoadLibraryW
GetSystemDirectoryA
CreateFileW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameW
GetStdHandle
WriteFile
GetTimeZoneInformation
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RaiseException
EncodePointer
RtlUnwind
HeapFree
GetStartupInfoW
HeapSetInformation
GetCommandLineA
DecodePointer
ExitProcess
GetModuleHandleW
LocalFree
WideCharToMultiByte
MultiByteToWideChar
HeapCreate
CreateEventA
SizeofResource
Sleep
GlobalAlloc
GetCurrentThread
GlobalLock
GetCurrentProcess
InterlockedDecrement
GlobalAddAtomA
HeapAlloc
LoadResource
FreeLibrary
CompareStringW
SetEnvironmentVariableA
lstrcpyA
CreateThread
CloseHandle
GetVersionExA
GetModuleFileNameA
LockResource
LoadLibraryA
GlobalFree
VerLanguageNameA
GetProcAddress
lstrcmpiA
GetLastError
DeleteCriticalSection
GlobalUnlock
CreateFileA
lstrlenA
FindResourceA
GlobalDeleteAtom
TlsAlloc

user32

DestroyIcon
ScreenToClient
GetWindowRect
IsMenu
SetActiveWindow
PackDDElParam
PostQuitMessage
LoadCursorA
FindWindowA
SetClipboardData
EnableWindow
SetWindowTextA
GetSystemMetrics
OpenClipboard
PostMessageA
SetDlgItemTextA
GetDialogBaseUnits
GetWindowThreadProcessId
SetTimer
CloseClipboard
SetCursor
DestroyWindow
ClientToScreen
EndPaint
UnpackDDElParam
FreeDDElParam
IsDlgButtonChecked
ShowWindow
EnumWindowStationsW
GetMenuItemInfoA
GetWindowDC
FillRect
SetCapture
KillTimer
DrawTextA
DrawIconEx
SetForegroundWindow
CopyImage
GetFocus
LoadBitmapA
IsClipboardFormatAvailable
GetParent
AttachThreadInput
LoadIconA
IsWindowEnabled
wsprintfA
DrawIcon
FindWindowExA
GetClientRect
SendMessageA
BeginPaint
GetDC
ChildWindowFromPoint
GetForegroundWindow
GetMenu
OffsetRect
GetWindowTextA
OemToCharA
MessageBoxA
InvalidateRect
SetCursorPos
BringWindowToTop
GetWindowLongA
GetClipboardData
CreateWindowExA
GetClassNameW
ReleaseDC
EmptyClipboard
GetDlgItem
EndDialog
DefWindowProcA
SetWindowPos

gdi32

PatBlt
DeleteDC
CreateFontIndirectA
SetBrushOrgEx
ExcludeClipRect
CreateBitmap
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
Ellipse
GetObjectW
CreateRectRgn
CreatePatternBrush
GetStockObject
BitBlt

comdlg32

ChooseColorA

advapi32

InitiateSystemShutdownA
OpenProcessToken
CloseServiceHandle
OpenServiceA
OpenThreadToken
GetTokenInformation
LookupPrivilegeValueA
OpenSCManagerA
ControlService
AdjustTokenPrivileges
DeleteService

ole32

CoInitialize
CoTaskMemFree

oleaut32

SysFreeString
SysAllocString
VariantClear

mpr

WNetAddConnection2A

msacm32

acmStreamClose
acmStreamPrepareHeader
acmStreamOpen

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

shlwapi

StrToIntExA
StrRetToStrA

comctl32

ImageList_AddMasked
ImageList_GetImageInfo
ImageList_Create
ImageList_GetImageCount

gdiplus

GdipCreateBitmapFromFile
GdipCreateHBITMAPFromBitmap
GdiplusStartup
GdipDisposeImage

setupapi

SetupDiGetDeviceInstallParamsA
SetupDiOpenDeviceInfoW
SetupDiGetSelectedDriverA
SetupDiBuildDriverInfoList
SetupDiSetDeviceInstallParamsA
SetupDiDestroyDeviceInfoList
SetupDiCreateDeviceInfoList
SetupDiCallClassInstaller
SetupDiSetSelectedDevice

uxtheme

DrawThemeBackground

eappcfg

EapHostPeerFreeErrorMemory
EapHostPeerFreeMemory
EapHostPeerGetMethods

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 546KB - Virtual size: 553KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2da95846c0db382a660ec5c77c57cbe5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

mpr

msacm32

version

shlwapi

comctl32

gdiplus

setupapi

uxtheme

eappcfg

Sections

.text Size: 70KB - Virtual size: 69KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 546KB - Virtual size: 553KB

.rsrc Size: 72KB - Virtual size: 72KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 70KB - Virtual size: 69KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 546KB - Virtual size: 553KB

.rsrc
Size: 72KB - Virtual size: 72KB

.reloc
Size: 10KB - Virtual size: 10KB