4f4cc13d72a496341466dfd6ea1977f18df3e0ca8bfe4e77ac589ad4e7bf9c8d

General

Target

4f4cc13d72a496341466dfd6ea1977f18df3e0ca8bfe4e77ac589ad4e7bf9c8d
Size

777KB
MD5

8314fbc8638fe10dd6411a3a388d1c20
SHA1

5aa0fff83dd18e6a0ed43f79e9a88867e70c6232
SHA256

4f4cc13d72a496341466dfd6ea1977f18df3e0ca8bfe4e77ac589ad4e7bf9c8d
SHA512

1cac7cb75c5a03c5c6b8c72afd800b6f149ead697c4470484e8a8f0bfbbff9d81f5293476c010e8c74f02ba264b69ecbbfefe2892aef39cea850b297726cff3d
SSDEEP

12288:+yXDe4bzExZZPPN/Lsa/R0g6kP4BUhDqz75Hixplv0P38QtChir0pvf2YMEd:+yTHKPNoRc4cS7NBM7F/H

Score

N/A

Malware Config

Signatures

Files

4f4cc13d72a496341466dfd6ea1977f18df3e0ca8bfe4e77ac589ad4e7bf9c8d
.exe windows x86

faf0dbc62dd18bfd1b34663b6805084f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateMutexA
GetFileSize
lstrcpyA
GetCurrentDirectoryW
ReadFile
HeapCreate
FindResourceA
SetFileAttributesA
WriteConsoleW
WriteConsoleW
GetModuleHandleA
GetStartupInfoA
lstrcpyW
WriteConsoleW
CloseHandle
GetLastError
IsBadStringPtrW
ReleaseMutex
FormatMessageA
GetFileTime
IsValidLocale

msi

MsiAdvertiseProductA
MsiCreateRecord
MsiCloseHandle
MsiCloseAllHandles

user32

LoadCursorW
IsWindow
IsDialogMessageA
IsCharLowerA
IsZoomed
SetCursorPos
SetFocus
DispatchMessageA
PostMessageW
PeekMessageW
GetWindowTextA
wsprintfW
GetWindowLongW

apphelp

ApphelpCheckIME

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 766KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fedit
Size: 1024B - Virtual size: 263B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qedit
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

faf0dbc62dd18bfd1b34663b6805084f

Headers

File Characteristics

Imports

kernel32

msi

user32

apphelp

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 1KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 20KB

.rsrc Size: 766KB - Virtual size: 2.1MB

.fedit Size: 1024B - Virtual size: 263B

.qedit Size: 512B - Virtual size: 224B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 1KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 20KB

.rsrc
Size: 766KB - Virtual size: 2.1MB

.fedit
Size: 1024B - Virtual size: 263B

.qedit
Size: 512B - Virtual size: 224B