4c6e86dce1e33b73608c55e0c9685b67202a90c2de66503d13242043b289655e

Sharing

Copy URL Twitter E-mail

General

Target

4c6e86dce1e33b73608c55e0c9685b67202a90c2de66503d13242043b289655e
Size

456KB
MD5

09930c75e7edb61f2521933b0a75a820
SHA1

09d0daab544fde7b154220f92647faec52fedee0
SHA256

4c6e86dce1e33b73608c55e0c9685b67202a90c2de66503d13242043b289655e
SHA512

e1ca3d628f70d2c6af4974aeb844ea18d7afb377c0ef49f50f1769e858e5d2f0271215d2a5138b9ca67ebd5307f1a11d33554b2fb43583a4f3202ac107cedc5c
SSDEEP

12288:RkP+umy6yg9RJqXW5F8Xo8h1TfsEjZq34/:x1yg9RJsW5I7h1TfsEjZl

Score

N/A

Malware Config

Signatures

Files

4c6e86dce1e33b73608c55e0c9685b67202a90c2de66503d13242043b289655e
.exe windows x86

517078146e341957b77603a7cc6a6342

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
HeapAlloc
GetProcessHeap
GetCurrentProcess
TerminateThread
ExitThread
SetThreadPriority
CreateThread
OpenProcess
ReadFile
DisconnectNamedPipe
FlushFileBuffers
ConnectNamedPipe
CreateNamedPipeA
Beep
LocalFree
LocalAlloc
GetPrivateProfileStringA
QueryPerformanceCounter
GetSystemInfo
VirtualProtect
GetLocaleInfoA
SetStdHandle
SetConsoleCtrlHandler
GetCPInfo
GetOEMCP
GetACP
LCMapStringW
CreateMutexA
GetLocalTime
MultiByteToWideChar
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
RaiseException
SetUnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
VirtualQuery
InterlockedExchange
HeapSize
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
WideCharToMultiByte
RtlUnwind
ReleaseSemaphore
CreateSemaphoreA
InterlockedDecrement
InterlockedIncrement
GetStringTypeW
PulseEvent
DeviceIoControl
TerminateProcess
FindFirstFileA
DeleteFileA
FindClose
MoveFileA
CopyFileA
GetSystemDirectoryA
CreateProcessA
GetTickCount
GetSystemPowerStatus
GetCurrentProcessId
GetVersionExA
GetModuleFileNameA
GetSystemTime
CreateFileA
SetFilePointer
WriteFile
ExitProcess
GetCurrentThreadId
OpenMutexA
ReleaseMutex
SetEvent
OutputDebugStringA
CallNamedPipeA
WaitForSingleObject
CreateEventA
Sleep
WaitForMultipleObjects
ResetEvent
OpenEventA
GetLastError
CloseHandle
GetProcAddress
FreeLibrary
LCMapStringA
LoadLibraryA

user32

KillTimer
SetTimer
SetCursor
LoadCursorA
GetCursor
SetWindowPos
RegisterWindowMessageA
RegisterHotKey
UnregisterHotKey
GetWindowThreadProcessId
GetForegroundWindow
BroadcastSystemMessageA
ExitWindowsEx
SystemParametersInfoA
OpenDesktopA
CloseDesktop
ChangeDisplaySettingsExA
SendNotifyMessageA
MsgWaitForMultipleObjects
GetCursorPos
MonitorFromPoint
GetMonitorInfoA
GetDesktopWindow
SetForegroundWindow
WaitForInputIdle
GetMessageA
DispatchMessageA
TranslateMessage
IsWindow
DestroyWindow
FindWindowA
RegisterClassA
CreateWindowExA
ShowWindow
DefWindowProcA
PostMessageA
ChangeDisplaySettingsA
MessageBoxA
EnumDisplaySettingsExA
EnumDisplaySettingsA
GetSystemMetrics
EnumDisplayDevicesA

gdi32

CreateDCA
DeleteDC
ExtEscape

ole32

CoInitializeSecurity
CoInitializeEx
CoSetProxyBlanket
CoCreateInstance
CoUninitialize

oleaut32

VariantInit
SysAllocString
SysFreeString
VariantClear

advapi32

StartServiceCtrlDispatcherA
DeleteService
CreateServiceA
RegCreateKeyA
SetServiceStatus
RegisterEventSourceA
ReportEventA
DeregisterEventSource
OpenSCManagerA
OpenServiceA
CloseServiceHandle
QueryServiceStatus
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
AllocateAndInitializeSid
FreeSid
InitializeSecurityDescriptor
SetSecurityDescriptorOwner
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
RegEnumValueA
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteKeyA
RevertToSelf
GetUserNameA
ImpersonateLoggedOnUser
GetLengthSid
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CreateProcessAsUserA
RegisterServiceCtrlHandlerA

Sections

.text
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

517078146e341957b77603a7cc6a6342

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

oleaut32

advapi32

Sections

.text Size: 260KB - Virtual size: 259KB

.rdata Size: 132KB - Virtual size: 131KB

.data Size: 4KB - Virtual size: 29KB

Size: 52KB - Virtual size: 51KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 260KB - Virtual size: 259KB

.rdata
Size: 132KB - Virtual size: 131KB

.data
Size: 4KB - Virtual size: 29KB

.rsrc
Size: 4KB - Virtual size: 1KB