49e7b56dfafb97d1d39f1e3137ad82ecdf818b84e3925fa84b61a3bf39985c4b

Sharing

Copy URL Twitter E-mail

General

Target

49e7b56dfafb97d1d39f1e3137ad82ecdf818b84e3925fa84b61a3bf39985c4b
Size

253KB
MD5

839334845e79c43c67ebb0cf8ef0f010
SHA1

780a2e12d09b14eae3c3f6303f3df64630f37a3c
SHA256

49e7b56dfafb97d1d39f1e3137ad82ecdf818b84e3925fa84b61a3bf39985c4b
SHA512

f9d69922f6c43d9422410f758915d0d3109e4225dba4cb58dbd36df841626bd1580511a3a1c963c9152123adcbe0603347fdaf9fd35f64aa29a15867aee16274
SSDEEP

3072:vyr+AVNd0irR9hwx2gdCufxwNfbIUdoFMHwd/DBNUAWvCSVUUWA/XRO62g//EnnE:c+qd0iKDAufiKUAL7UAWvlmmRQg7H

Score

N/A

Malware Config

Signatures

Files

49e7b56dfafb97d1d39f1e3137ad82ecdf818b84e3925fa84b61a3bf39985c4b
.exe windows x86

95fa670205cbc9131ca74a57dcb6e472

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CreateClassMoniker
CoInitializeEx
GetRunningObjectTable
CoRevokeClassObject
CoRegisterClassObject
CoUninitialize

version

GetFileVersionInfoA
VerQueryValueA

kernel32

LocalAlloc
FreeLibrary
GetProcAddress
LoadLibraryA
CreateThread
SetEvent
LocalLock
OpenEventA
TerminateThread
WaitForSingleObject
SuspendThread
ResumeThread
FormatMessageA
ResetEvent
WaitForMultipleObjects
LocalFree
LocalUnlock
FindFirstChangeNotificationA
FindCloseChangeNotification
GetExitCodeThread
ReleaseMutex
CreateMutexA
GetDriveTypeA
WideCharToMultiByte
lstrlenW
FileTimeToSystemTime
FileTimeToLocalFileTime
SystemTimeToFileTime
GetSystemInfo
GetVersion
GetVersionExA
FindNextChangeNotification
InterlockedIncrement
CloseHandle
FindClose
GetDiskFreeSpaceA
GetWindowsDirectoryA
FindFirstFileA
FindNextFileA
RemoveDirectoryA
DeleteFileA
GetFileSize
CreateFileA
GetFileAttributesA
CreateDirectoryA
GetTempPathA
MoveFileA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetTempFileNameA
SetUnhandledExceptionFilter
SetCurrentDirectoryA
GetCurrentDirectoryA
SetProcessWorkingSetSize
GetCurrentProcess
SetFilePointer
GetCurrentProcessId
WriteFile
GetThreadContext
VirtualQuery
IsBadWritePtr
OpenProcess
GlobalMemoryStatus
Sleep
GetCurrentThreadId
GetLastError
FlushFileBuffers
InterlockedDecrement
CreateEventA
CreateProcessA
SetErrorMode
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFullPathNameA
SetEnvironmentVariableW
GetModuleFileNameA
GetACP
GetCPInfo
SetStdHandle
LCMapStringW
LCMapStringA
ReadFile
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
RtlUnwind
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
SetFileAttributesA
HeapSize
GetOEMCP
GetFileInformationByHandle
PeekNamedPipe
GetFileType
SetEndOfFile
TerminateProcess
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
InitializeCriticalSection
DeleteCriticalSection

user32

PostMessageA
DestroyWindow
IsWindow
FindWindowA
DefWindowProcA
CreateWindowExA
GetSystemMetrics
RegisterClassA
GetClassInfoA
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
PostQuitMessage
PostThreadMessageA
CharNextA
CharPrevA
ReleaseDC
GetDC
SendMessageA
SetTimer

advapi32

RegCloseKey
RegOpenKeyA
RegNotifyChangeKeyValue
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueA
RegSetValueA
FreeSid
RegEnumKeyA
RegCreateKeyA

gdi32

GetDeviceCaps

Sections

.text
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

95fa670205cbc9131ca74a57dcb6e472

Headers

File Characteristics

Imports

ole32

version

kernel32

user32

advapi32

gdi32

Sections

.text Size: 132KB - Virtual size: 129KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 24KB - Virtual size: 32KB

.rsrc Size: 76KB - Virtual size: 76KB

.text
Size: 132KB - Virtual size: 129KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 24KB - Virtual size: 32KB

.rsrc
Size: 76KB - Virtual size: 76KB