4bb1d3cd9d5ba18bf55d3ca558a685e728f56a8d4e5029ad4579714993442dab

Sharing

Copy URL Twitter E-mail

General

Target

4bb1d3cd9d5ba18bf55d3ca558a685e728f56a8d4e5029ad4579714993442dab
Size

826KB
MD5

0d33811508eda085bc3214afc1471b36
SHA1

240f96ef3c37cdfad61793d707b06926e27fed8e
SHA256

4bb1d3cd9d5ba18bf55d3ca558a685e728f56a8d4e5029ad4579714993442dab
SHA512

57950b758bcb9636c2427bef789ce09ca508fb00af09ad79a736730f6faf7dc9415b9d80cd45a602a0ed9460943145c7819be0aa1a5a9c252f6d3023a7499799
SSDEEP

12288:TGuEu1EZabL5W42CySbvV39Q/FghLLMYLVzwezBEpLR:TGuNxL51g+LweVzwez6R

Score

N/A

Malware Config

Signatures

Files

4bb1d3cd9d5ba18bf55d3ca558a685e728f56a8d4e5029ad4579714993442dab
.exe windows x86

b61eb19e7c4b0682ca2d3a11f16c66de

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_aligned_realloc
__setlc_active
getc
__set_app_type
__getmainargs
_ismbcl1
tanh
_wcsrev
_mbscmp
__p__commode
asin
exit
_strnicoll
__uncaught_exception
_getpid
_ismbbpunct
_loaddll

shlwapi

AssocQueryStringByKeyW
SHRegDeleteUSValueW
SHRegOpenUSKeyA
SHOpenRegStream2W
PathIsRootA
SHQueryInfoKeyW
StrCSpnA
PathIsDirectoryW
SHOpenRegStreamW
PathStripToRootA
SHGetValueA
PathIsFileSpecW
StrNCatA
GetMenuPosFromID
PathIsURLA
StrStrA
SHSetValueW
PathMakePrettyA
SHEnumKeyExW

secur32

SecpFreeMemory
AddSecurityPackageA
UnsealMessage
QueryContextAttributesA
LsaEnumerateLogonSessions
GetUserNameExA
LsaLookupAuthenticationPackage
InitializeSecurityContextW
SaslAcceptSecurityContext
QuerySecurityPackageInfoW
DeleteSecurityPackageW
SealMessage
MakeSignature
GetSecurityUserInfo
LsaRegisterPolicyChangeNotification
FreeCredentialsHandle
QueryCredentialsAttributesW
QuerySecurityContextToken
EncryptMessage
AcquireCredentialsHandleA
TranslateNameA
LsaFreeReturnBuffer
FreeContextBuffer
ImpersonateSecurityContext
InitializeSecurityContextA
LsaConnectUntrusted
SecpTranslateNameEx
SaslEnumerateProfilesW
GetUserNameExW

msasn1

ASN1_CreateDecoderEx
ASN1_FreeEncoded
ASN1BERDecOctetString2
ASN1_CloseDecoder
ASN1BERDecCheck
ASN1CEREncCharString
ASN1_CloseModule
ASN1_CreateDecoder
ASN1BEREncObjectIdentifier
ASN1objectidentifier2_cmp
ASN1CEREncUTCTime
ASN1BERDecSXVal
ASN1ztcharstring_cmp
ASN1DecRealloc
ASN1BEREncU32
ASN1BERDecMultibyteString
ASN1BEREncSX
ASN1BEREncEndOfContents
ASN1BERDecBitString
ASN1BEREncGeneralizedTime

gdi32

PolyPatBlt
SetPolyFillMode
SetBitmapDimensionEx
TextOutW
DdEntry6
ChoosePixelFormat
CreatePen
GetCharABCWidthsFloatA
FONTOBJ_pxoGetXform
EngTextOut
GetCharWidth32W
GdiPlayPrivatePageEMF
GdiPlayDCScript
ModifyWorldTransform
CreatePalette
AddFontResourceW
SelectBrushLocal
RealizePalette
AngleArc
GdiAddFontResourceW
StretchDIBits
DeviceCapabilitiesExW
GdiConvertAndCheckDC
GdiQueryTable
ExtFloodFill
EngStretchBltROP
UnloadNetworkFonts
GetViewportOrgEx

kernel32

QueryPerformanceCounter
EnumResourceTypesA
GetLocaleInfoW
LoadModule
SearchPathW
SetLocaleInfoA
GetModuleHandleW
EnumDateFormatsW
SetThreadExecutionState
ScrollConsoleScreenBufferA
WaitForMultipleObjects
QueryMemoryResourceNotification
FileTimeToDosDateTime
LoadLibraryW
GlobalGetAtomNameW
GetFileAttributesExW
SetConsoleInputExeNameW
GetCurrentThread
SetFileApisToOEM
LocalFree
SizeofResource
LocalUnlock

user32

DefWindowProcA
PostQuitMessage
RegisterClassA

ws2_32

WSAAsyncGetServByPort
WSCInstallProvider
WSANtohs
getservbyname
WSAHtonl
WSCWriteNameSpaceOrder
WSAStartup
WSADuplicateSocketA
getnameinfo

Sections

.text
Size: 381KB - Virtual size: 381KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 189KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b61eb19e7c4b0682ca2d3a11f16c66de

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

shlwapi

secur32

msasn1

gdi32

kernel32

user32

ws2_32

Sections

.text Size: 381KB - Virtual size: 381KB

.rdata Size: 99KB - Virtual size: 98KB

.data Size: 189KB - Virtual size: 1.6MB

.rsrc Size: 154KB - Virtual size: 154KB

.reloc Size: 1024B - Virtual size: 840B

.text
Size: 381KB - Virtual size: 381KB

.rdata
Size: 99KB - Virtual size: 98KB

.data
Size: 189KB - Virtual size: 1.6MB

.rsrc
Size: 154KB - Virtual size: 154KB

.reloc
Size: 1024B - Virtual size: 840B