f4d4bc4d190a00e65fa72a3da32273318a998862f5f2d67c80eeddd46ff9722d

Sharing

Copy URL Twitter E-mail

General

Target

f4d4bc4d190a00e65fa72a3da32273318a998862f5f2d67c80eeddd46ff9722d
Size

169KB
MD5

0769ecc0c9cc100650435fc4dd452680
SHA1

453a5da75d60414f8a15f8b6131da6334b823844
SHA256

f4d4bc4d190a00e65fa72a3da32273318a998862f5f2d67c80eeddd46ff9722d
SHA512

0cc73cb7ba048f62870ba9ae9d64aeffd6333135956c4e15c0b3a9502f111d415feb1761dbbe4008c99f2db54e761fa7a2b1158560a62a7e8d3a5504f7ff597a
SSDEEP

3072:Rr93Xnqu3IGEyXwPz5L72YRoyXJXRWDT1GS9PQMX94CStqHl2qG+xtWm47cc:H3XbEyg75nAy1wsro9FSAsqG+xtEcc

Score

N/A

Malware Config

Signatures

Files

f4d4bc4d190a00e65fa72a3da32273318a998862f5f2d67c80eeddd46ff9722d
.exe windows x86

50507a6f7c4fa39c32d52469684da555

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord818
ord1143
ord567
ord4270
ord4155
ord2858
ord6195
ord2371
ord2559
ord755
ord3737
ord6451
ord4803
ord6278
ord6279
ord6867
ord4273
ord1229
ord4199
ord4621
ord5273
ord2116
ord2438
ord5257
ord1720
ord5059
ord3744
ord6372
ord2047
ord2640
ord4435
ord4831
ord3793
ord5286
ord4347
ord6370
ord5157
ord2377
ord5237
ord4401
ord1768
ord4073
ord6051
ord2859
ord6437
ord1761
ord6211
ord2717
ord823
ord942
ord940
ord2810
ord535
ord861
ord536
ord5706
ord6640
ord1131
ord2613
ord1165
ord858
ord825
ord561
ord540
ord538
ord815
ord4667
ord800
ord3733
ord4418
ord4616
ord4075
ord3074
ord3820
ord3826
ord3825
ord2971
ord3076
ord2980
ord3257
ord3131
ord4459
ord3254
ord3142
ord2977
ord5710
ord5285
ord5303
ord4692
ord4074
ord5298
ord5296
ord3341
ord2388
ord5193
ord1089
ord3917
ord5727
ord2504
ord2546
ord4480
ord6371
ord4269
ord470
ord1569

msvcrt

wcscmp
wcscpy
wcslen
free
fclose
fwrite
_wfopen
wcsncpy
_purecall
_beginthreadex
exit
wcschr
wcsstr
_wtoi
_except_handler3
_exit
_XcptFilter
wcsncat
__CxxFrameHandler
malloc
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__dllonexit
_onexit
_controlfp
?terminate@@YAXXZ
_CxxThrowException
_snwprintf
swprintf
swscanf
??1type_info@@UAE@XZ

kernel32

GetFileSize
MultiByteToWideChar
lstrlenA
LocalFree
GetStartupInfoW
GetVersionExW
CreateFileW
GetCurrentProcess
GetModuleHandleW
GetLastError
lstrlenW
WideCharToMultiByte
SetUnhandledExceptionFilter
GetCurrentProcessId
OpenProcess
TerminateProcess
GetTempPathW
GetTempFileNameW
InterlockedDecrement
InterlockedIncrement
CloseHandle
VirtualAlloc
FindFirstFileW
FindClose
FindNextFileW
GetCommandLineW
GetModuleFileNameW
LoadLibraryW
GetProcAddress
FreeLibrary
CreateMutexW
WaitForSingleObject
ReleaseMutex
HeapFree
TlsFree
SetEnvironmentVariableW
TlsAlloc
HeapAlloc
GetProcessHeap
GetEnvironmentVariableW
VirtualFree
ReadFile
SetFilePointer
Sleep
DeleteFileW

user32

BringWindowToTop
ShowWindow
IsIconic
MoveWindow
FindWindowW
IsWindow
SendMessageW
GetClientRect
MessageBoxW
LoadIconW
AppendMenuW
GetSystemMenu
CreateWindowExW
SetForegroundWindow
InflateRect
DrawIcon
GetSystemMetrics
GetActiveWindow
DefWindowProcW
LoadCursorW
EnableWindow
GetDlgItem

advapi32

GetTokenInformation
OpenProcessToken

shell32

ShellExecuteExW
ShellExecuteW

ole32

CoUninitialize
CoInitialize

oleaut32

SysStringByteLen
SysStringLen
SysAllocString
SysFreeString
VariantClear
VariantInit
SysAllocStringByteLen

msvcp60

??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

shlwapi

StrChrW
PathCombineW
PathRemoveFileSpecW
StrStrIW
PathIsRelativeW
SHGetValueW
PathFileExistsW

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

50507a6f7c4fa39c32d52469684da555

Headers

File Characteristics

Imports

mfc42u

msvcrt

kernel32

user32

advapi32

shell32

ole32

oleaut32

msvcp60

shlwapi

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 12KB - Virtual size: 10KB

.rsrc Size: 92KB - Virtual size: 92KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 92KB - Virtual size: 92KB