4b3882058c9c6ccec4837c492dbe36767731fbf17c7592e4ebbf2413a2eab169

Sharing

Copy URL Twitter E-mail

General

Target

4b3882058c9c6ccec4837c492dbe36767731fbf17c7592e4ebbf2413a2eab169
Size

203KB
MD5

0c754c92fc93a5a4c5d67805651a9b00
SHA1

d721d26e25ee51e4f45910b2759485dc9e19821e
SHA256

4b3882058c9c6ccec4837c492dbe36767731fbf17c7592e4ebbf2413a2eab169
SHA512

cd169e807ab0ffc96e332b6e1d557f871b8cdd9d9f92e651a2c253f33d91d704a4fc182e810653dee47d98edccd813ec1a222110dbd82eb7f45eaa5e28fc636b
SSDEEP

6144:8QlFa5fZ12D70OYc/+6GHACUWAKY9Kmy2uE:ZlE5v8YvzHKJpuE

Score

N/A

Malware Config

Signatures

Files

4b3882058c9c6ccec4837c492dbe36767731fbf17c7592e4ebbf2413a2eab169
.exe windows x86

6dee02cc19a828cc52dc69527bb7f0f0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxIndirectW
FillRect
GetScrollPos
EnumDisplaySettingsA
BroadcastSystemMessageW
ReleaseCapture
BeginDeferWindowPos
ScrollDC
DrawTextExW
SetClipboardData

urlmon

IsLoggingEnabledA
GetClassFileOrMime
GetClassURL

shell32

FindExecutableW
DoEnvironmentSubstW
ShellAboutW
DragQueryFileA
Shell_NotifyIconA
ShellExecuteW
ShellExecuteExW
ShellAboutA
DragQueryPoint

ole32

CoFreeUnusedLibraries
WriteFmtUserTypeStg
CoDosDateTimeToFileTime
CoGetCurrentProcess
CoImpersonateClient
StgOpenStorageOnILockBytes

wininet

FtpPutFileA
GopherGetLocatorTypeA
InternetSetOptionExW
FtpDeleteFileA
FtpRenameFileW

gdi32

AddFontResourceW
CloseEnhMetaFile
ColorCorrectPalette
AddFontMemResourceEx
CreateDCW

ws2_32

setsockopt
recvfrom
sendto
closesocket
ntohs
bind

opengl32

glShadeModel
wglCopyContext
wglDescribeLayerPlane
glIndexsv
glVertex3fv
glNormal3s
glColor4s
glFogi

kernel32

SetStdHandle
WriteConsoleW
HeapSize
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapReAlloc
HeapAlloc
LoadLibraryW
Sleep
CreateFileW
GetStringTypeW
MultiByteToWideChar
LCMapStringW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapFree
WideCharToMultiByte
GetModuleFileNameW
GetStdHandle
WriteFile
LeaveCriticalSection
EnterCriticalSection
GetProcAddress
GetCurrentThreadId
SetLastError
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetModuleFileNameA
CloseHandle
GetLastError
CreateMutexA
ReplaceFileW
GetDriveTypeW
OpenFile
lstrlenW
lstrcmpA
ExitProcess
RtlUnwind
GetCommandLineA
HeapSetInformation
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
GetCurrentProcess
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6dee02cc19a828cc52dc69527bb7f0f0

Headers

DLL Characteristics

File Characteristics

Imports

user32

urlmon

shell32

ole32

wininet

gdi32

ws2_32

opengl32

kernel32

Sections

.text Size: 31KB - Virtual size: 30KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 9KB - Virtual size: 18KB

.rsrc Size: 150KB - Virtual size: 149KB

.text
Size: 31KB - Virtual size: 30KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 9KB - Virtual size: 18KB

.rsrc
Size: 150KB - Virtual size: 149KB