4fdcff576232f30dfe46fd9df02323d6846ab676a42a57d777a507ad26f46346

Sharing

Copy URL Twitter E-mail

General

Target

4fdcff576232f30dfe46fd9df02323d6846ab676a42a57d777a507ad26f46346
Size

122KB
MD5

0c577a1dc4975765d23bfdae0d721fa0
SHA1

f60c3ad30b805daca607d663b5b26f9493a1f9c3
SHA256

4fdcff576232f30dfe46fd9df02323d6846ab676a42a57d777a507ad26f46346
SHA512

ad43b7bf0ee9964755a95669afa89b74c9915f4fbec02e07e0c0b4c730b664c8854f649157a08d977d07ecf5dc09f577b7d00438617c27b3b630ce302c3ef6eb
SSDEEP

3072:kt0ZqVocYKCcYdNEeL9lHg6JuvhAcRu7:kt0ZqmcYxvLL9W6JCL

Score

N/A

Malware Config

Signatures

Files

4fdcff576232f30dfe46fd9df02323d6846ab676a42a57d777a507ad26f46346
.exe windows x86

45b1022a1c4fb12d06cab929155b40ed

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

AccessCheckAndAuditAlarmA
ControlService
GetFileSecurityA
LogonUserW
LookupPrivilegeNameA
OpenServiceA
RegCloseKey
RegEnumKeyExW
RegReplaceKeyA

kernel32

CloseHandle
CreateFileA
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FillConsoleOutputAttribute
FreeConsole
GetACP
GetCPInfo
GetCommandLineA
GetCurrentProcess
GetCurrentThreadId
GetEnvironmentStrings
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetOverlappedResult
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetThreadTimes
GetVersion
GetVersionExA
GlobalGetAtomNameA
GlobalMemoryStatus
HeapAlloc
HeapFree
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
RaiseException
ReadConsoleOutputA
RtlUnwind
SetConsoleActiveScreenBuffer
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
SetLastError
SystemTimeToFileTime
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WideCharToMultiByte
WriteFile
WritePrivateProfileStructW

user32

CharToOemA
CharToOemW
ClipCursor
CreateMenu
EnumThreadWindows
GetClassNameW
GrayStringA
IsClipboardFormatAvailable
LoadKeyboardLayoutW
MapDialogRect
MessageBoxA
MessageBoxW
ScrollWindow
SetActiveWindow
SetSysColors
SetWinEventHook
ShowScrollBar
SystemParametersInfoW
wsprintfA

ole32

CoUninitialize
OleBuildVersion
OleCreateLinkFromData
OleUninitialize
RegisterDragDrop
WriteClassStm

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 40KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45b1022a1c4fb12d06cab929155b40ed

Headers

File Characteristics

Imports

advapi32

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 44KB

.data Size: 14KB - Virtual size: 32KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 58KB - Virtual size: 58KB

.reloc Size: 3KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 44KB

.data
Size: 14KB - Virtual size: 32KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 58KB - Virtual size: 58KB

.reloc
Size: 3KB - Virtual size: 4KB