4e287063af0549e096c8fdef5ef9cb1888aaba159d588c70f7a5b767e3b196e3

Sharing

Copy URL

Twitter E-mail

General

Target

4e287063af0549e096c8fdef5ef9cb1888aaba159d588c70f7a5b767e3b196e3
Size

141KB
MD5

925f3ed9ac3630b0f16e2297dc68db52
SHA1

2c81a2d1bc7913fbcf8711b8f294bbffa892ae0d
SHA256

4e287063af0549e096c8fdef5ef9cb1888aaba159d588c70f7a5b767e3b196e3
SHA512

8e9766c5276d9d698e2655192ca7fbd8aeafd299d010b086f579abb8367a26f4607a35fd3fd8f11d307725156d0c11e127f478c44cdf0f889b276ce47ba425dc
SSDEEP

3072:vec0QwFtk6vBcQucwoHqO+AJgcEOgTzYUJCry76rs:YfFtk6q/eRgHfL

Score

N/A

Malware Config

Signatures

Files

4e287063af0549e096c8fdef5ef9cb1888aaba159d588c70f7a5b767e3b196e3
.exe windows x86

19f29daf01ffbfb438e72db1b2c04269

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStartupInfoA
FileTimeToDosDateTime
GetUserDefaultLCID
UnhandledExceptionFilter
GetFullPathNameA
GetCPInfo
GetThreadLocale
SetErrorMode
GetModuleHandleA
IsBadCodePtr
VirtualProtect
WritePrivateProfileStringA

msvcrt

log
_initterm
__p__fmode
__p__commode
sqrt
_adjust_fdiv
__setusermatherr
_acmdln
strcat
_osver
__p___initenv
__set_app_type
strlen
isdigit
_XcptFilter
__getmainargs
exit
__CxxFrameHandler
_except_handler3
fseek

user32

GetScrollInfo
DestroyMenu
DispatchMessageA
CharLowerA
GetCursorPos
LoadStringA
IntersectRect
GetWindowTextA

gdi32

LPtoDP
AbortDoc
SetRectRgn
GetTextMetricsA
SelectPalette
GetEnhMetaFileDescriptionA
RemoveFontResourceA
MoveToEx
GetTextExtentPointA
ArcTo
ExtCreatePen
Arc

comctl32

ImageList_Read
ImageList_GetIconSize
ImageList_Add
ImageList_ReplaceIcon
InitializeFlatSB
DestroyPropertySheetPage
ImageList_DragEnter
ImageList_Replace

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
GetFileVersionInfoA

advapi32

RegQueryValueA
GetTokenInformation
LookupPrivilegeValueA
OpenProcessToken
QueryServiceStatus
RegCloseKey
OpenThreadToken

oleaut32

GetActiveObject
VariantClear
SafeArrayPtrOfIndex
GetErrorInfo
VariantCopyInd

ole32

CoUninitialize
IIDFromString
OleGetClipboard
CoDisconnectObject
CoReleaseMarshalData
CoRegisterClassObject

shell32

SHGetFolderLocation
ExtractIconA
SHBrowseForFolderA
SHGetFolderPathW
SHGetPathFromIDListA
ShellExecuteExW
CommandLineToArgvW
SHBrowseForFolder

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19f29daf01ffbfb438e72db1b2c04269

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

comctl32

version

advapi32

oleaut32

ole32

shell32

Sections

.text Size: 63KB - Virtual size: 63KB

.data Size: 48KB - Virtual size: 48KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 63KB - Virtual size: 63KB

.data
Size: 48KB - Virtual size: 48KB

.rsrc
Size: 28KB - Virtual size: 27KB