4e4699a5f308c56b461684a79c929bde1a2bcc464e1de0be093f469e5c8cf0dc

Sharing

Copy URL

Twitter E-mail

General

Target

4e4699a5f308c56b461684a79c929bde1a2bcc464e1de0be093f469e5c8cf0dc
Size

331KB
MD5

821e47d799c19a3528282ead0108dc19
SHA1

4c6e20eaf0d0dac53a182f45733261b28fb3a27a
SHA256

4e4699a5f308c56b461684a79c929bde1a2bcc464e1de0be093f469e5c8cf0dc
SHA512

c6c49931ced0f448274d1a8a27955dcb1af8cb73491dea267d4179c422ca8fa38e64b765195582ee7f66343cb9eef55f96fc5cb77c7d55524f80b6f8f9d96876
SSDEEP

6144:V5iTS7JPwgx33yCSuDl4n6ZOhPPnWYlzyCK+etPlz:CO5n1Syin6ZI3WYJiL

Score

N/A

Malware Config

Signatures

Files

4e4699a5f308c56b461684a79c929bde1a2bcc464e1de0be093f469e5c8cf0dc
.exe windows x86

c8925b56faad3cd4afb90fa685a4aa2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

ntdll

NtGetPlugPlayEvent
ZwReplaceKey
RtlQueryInformationActivationContext
RtlGetLastWin32Error
RtlAllocateAndInitializeSid
ZwSetInformationDebugObject
ZwSetContextThread
ZwCompactKeys
ZwQueryVirtualMemory
RtlAddAccessDeniedAceEx
_ltow
RtlGetLongestNtPathLength
NtOpenTimer
RtlNtStatusToDosError
strcspn
ZwFilterToken

msvcrt

_amsg_exit
_strerror
_execle
_wspawnvp
_ctype
__pxcptinfoptrs
_setsystime
_umask
_getcwd
?set_new_handler@@YAP6AXXZP6AXXZ@Z
_mbsicmp
wcscoll
_mbsspnp
_acmdln
__getmainargs
?_set_new_mode@@YAHH@Z
??_Ebad_cast@@UAEPAXI@Z
vprintf
?what@exception@@UBEPBDXZ
_toupper
_lsearch
__iob_func
strpbrk
_resetstkoflw
tmpfile
_putws

user32

GetDesktopWindow
EqualRect
CallWindowProcW
DefFrameProcW
RemovePropW
CallWindowProcA
DeleteMenu
CallMsgFilter
EndTask
GetMenuItemInfoW
RealChildWindowFromPoint
TileChildWindows
BringWindowToTop
EndDeferWindowPos
ChangeMenuW
TrackPopupMenu
InsertMenuItemA
ChangeDisplaySettingsExW
IsDlgButtonChecked
GetWindowInfo
SetUserObjectInformationA
CharUpperA
GrayStringW
IsRectEmpty
ValidateRect
MessageBoxExW
PrintWindow
ShowCursor
GetMessagePos
RealGetWindowClassA
CharPrevExA
GetKeyState
GetKeyboardLayout
GetUpdateRgn
GetKeyboardLayoutNameA
GetClassInfoExA
SetShellWindowEx
GetQueueStatus
UpdateWindow

kernel32

GetBinaryType
GetSystemDefaultLangID
GetFileTime
AddVectoredExceptionHandler
VirtualAlloc
HeapSummary
CancelWaitableTimer
TermsrvAppInstallMode
GetCurrentThread
GetConsoleAliasesA
EnumSystemLanguageGroupsA
EndUpdateResourceW
OpenFile
LoadLibraryA
GetStartupInfoA
GetHandleInformation
GetConsoleAliasExesLengthA
QueryPerformanceCounter
GetEnvironmentStringsA
ReadConsoleOutputW
FreeUserPhysicalPages

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 215KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 406KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c8925b56faad3cd4afb90fa685a4aa2f

Headers

File Characteristics

Imports

ntdll

msvcrt

user32

kernel32

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 215KB - Virtual size: 214KB

.data Size: 1024B - Virtual size: 406KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 215KB - Virtual size: 214KB

.data
Size: 1024B - Virtual size: 406KB

.rsrc
Size: 18KB - Virtual size: 18KB