4901cb3842ea4ef8370b3b500077468bd8d544d7a4d5f2e32a6e2b314919071e

Sharing

Copy URL Twitter E-mail

General

Target

4901cb3842ea4ef8370b3b500077468bd8d544d7a4d5f2e32a6e2b314919071e
Size

132KB
MD5

08d7dc0d03d57a2c67dd5f7af8561610
SHA1

e7783772dabbc73f8982ded89d84e10befac44bd
SHA256

4901cb3842ea4ef8370b3b500077468bd8d544d7a4d5f2e32a6e2b314919071e
SHA512

b77b376fef63433df85b7827a61152b916405c9fa12680c360f91a8c6dfb32a140b487f7fb547044e2031d1f29262a6cfe68daa89c67bedb9d865753765fab54
SSDEEP

3072:3vBJQH8nDLzTal74U/JzFVznFaNpbDZ3O82T1m6eegdqLIeWCCJHBFJcbLLAm28u:3vBJBnDLzTal74U/JzFVznFaNpbDZ3Tt

Score

N/A

Malware Config

Signatures

Files

4901cb3842ea4ef8370b3b500077468bd8d544d7a4d5f2e32a6e2b314919071e
.exe windows x86

18e2caa2d35e6185a1ce10419dc89525

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleFileNameExW

kernel32

GetCurrentThreadId
TerminateProcess
GetPrivateProfileIntW
GetPrivateProfileStringW
Process32NextW
OpenProcess
WaitForSingleObject
OutputDebugStringW
GetModuleFileNameW
Process32FirstW
GetModuleHandleW
CloseHandle
GetTickCount
CreateToolhelp32Snapshot
CreateProcessW
GetLastError
LoadLibraryW
GetProcAddress
QueryPerformanceCounter
Module32FirstW
GetFileAttributesW
GetCommandLineW
SetUnhandledExceptionFilter
lstrlenW
SizeofResource
CreateFileW
FindResourceExW
WideCharToMultiByte
FindResourceW
LockResource
FindFirstFileW
DeleteFileW
LoadResource
GetCurrentProcessId
GetCurrentProcess
Module32NextW
CreateDirectoryW
GetVersion
GetVersionExW
CreateMutexW
Sleep
GetDiskFreeSpaceExW
EnterCriticalSection
DeleteCriticalSection
GetSystemTimeAsFileTime
FindClose
SetFilePointer
WriteFile
LeaveCriticalSection
InitializeCriticalSection
GetProcessTimes
SetFileAttributesW
VirtualQuery
MoveFileW
FreeLibrary
HeapDestroy
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
InterlockedCompareExchange
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc

user32

LoadIconW
UnregisterClassA
UnregisterClassW
GetClassInfoExW
DispatchMessageW
TranslateMessage
PeekMessageW
GetDoubleClickTime
GetCursorPos
KillTimer
RegisterClassExW
GetSubMenu
SetForegroundWindow
DestroyWindow
LoadMenuW
SetTimer
SetMenuDefaultItem
IsWindow
PostMessageW
TrackPopupMenu
RegisterWindowMessageW
DestroyMenu
GetMenuItemID
ShowWindow
SetWindowLongW
FindWindowW
CreateWindowExW
DefWindowProcW
SendMessageW

gdi32

GetStockObject

shell32

SHGetSpecialFolderPathW
Shell_NotifyIconW
CommandLineToArgvW

ole32

CoUninitialize
CoCreateInstance
CoInitializeEx

oleaut32

SysFreeString
SysAllocString
SysStringLen

msvcr80

_controlfp_s
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_CxxThrowException
__CxxFrameHandler3
memcpy
_crt_debugger_hook
_except_handler4_common
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm
_wcmdln
exit
_XcptFilter
??3@YAXPAX@Z
wcscpy_s
_wtoi64
_wsplitpath_s
_snwprintf_s
wcscat_s
_snwprintf
wcsrchr
wcschr
wcsncpy_s
_vscwprintf
memmove_s
_wcsicmp
memcpy_s
_time64
_wtoi
vswprintf_s
_vsnwprintf_s
_vswprintf_c_l
??2@YAPAXI@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
swprintf_s
_invalid_parameter_noinfo
_mkdir
toupper
_purecall
free
iswspace
malloc
_vswprintf
memmove
wcsncat
wcsncpy
clock
memset
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_amsg_exit
__wgetmainargs
_cexit
_exit
_initterm_e

msvcp80

??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

dbghelp

MiniDumpWriteDump

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18e2caa2d35e6185a1ce10419dc89525

Headers

File Characteristics

Imports

psapi

kernel32

user32

gdi32

shell32

ole32

oleaut32

msvcr80

msvcp80

dbghelp

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 48KB - Virtual size: 45KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 48KB - Virtual size: 45KB