fc4fd703101e0b97f3609679e8e8ba3c605f8a089f2f77b4274aa5e1f44ca6ed

General

Target

fc4fd703101e0b97f3609679e8e8ba3c605f8a089f2f77b4274aa5e1f44ca6ed
Size

437KB
MD5

0cbbf9e979c6130ed0b412800fd6cd40
SHA1

b59f2e3b65f7b73410c9d35cec0fb0f15ecb9a75
SHA256

fc4fd703101e0b97f3609679e8e8ba3c605f8a089f2f77b4274aa5e1f44ca6ed
SHA512

76a9c3f442eabfc0e56f3d622a0946a3d47a30f48c2d93af344438093368c78a134d63748c9025266571ae4598b84c51ac00d37a70cca9fba1d78ebc3ff233bb
SSDEEP

12288:9sNtC1Xwi3lU99RUkcJlT1EWMta3SRyHWS:AYgYU9/UkcL9Me0yHWS

Score

N/A

Malware Config

Signatures

Files

fc4fd703101e0b97f3609679e8e8ba3c605f8a089f2f77b4274aa5e1f44ca6ed
.exe windows x86

44b768a1e579f2d7c3597487b6cdd3cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderLocation
SHGetSpecialFolderPathW

kernel32

LockFileEx
PrepareTape
GetAtomNameA
GetCurrentProcessId
WriteProfileStringA
CreateFileMappingA
WaitNamedPipeW
GetCommModemStatus
GetLocalTime
InterlockedIncrement
GlobalAddAtomA

comdlg32

ChooseColorA
ReplaceTextA

user32

ScrollWindowEx
DrawFrameControl
BeginPaint
GetKeyState
CloseWindow
RegisterClassExW
SetScrollInfo
SetProcessDefaultLayout
GetMenuStringA
RegisterDeviceNotificationA
ReleaseDC
PtInRect
EnumDisplaySettingsW
SendDlgItemMessageA
PostThreadMessageW
GetClipboardData
GetDC
SetCapture
GetSysColor
LoadMenuIndirectA
CharLowerW
CreateDialogIndirectParamW
GetTabbedTextExtentW
IsWindowUnicode
MapWindowPoints
RedrawWindow
SetWindowContextHelpId
GetMenuItemInfoA
MsgWaitForMultipleObjectsEx

advapi32

PrivilegeCheck
ChangeServiceConfigW
RegLoadKeyW
GetSidLengthRequired
GetSecurityDescriptorControl
RegOpenKeyW
CryptGenKey
RegEnumValueA
GetServiceDisplayNameW
RegCreateKeyExW
QueryServiceConfigW
AccessCheckAndAuditAlarmA
GetTokenInformation
CryptImportKey
CreateProcessAsUserW
IsValidSecurityDescriptor
RegDeleteKeyW
CryptGetProvParam
CryptHashData
OpenServiceW

Sections

.text
Size: 36KB - Virtual size: 367KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 365KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44b768a1e579f2d7c3597487b6cdd3cf

Headers

File Characteristics

Imports

shell32

kernel32

comdlg32

user32

advapi32

Sections

.text Size: 36KB - Virtual size: 367KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 365KB - Virtual size: 365KB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 36KB - Virtual size: 367KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 365KB - Virtual size: 365KB

.rsrc
Size: 32KB - Virtual size: 31KB