4cf1338fdad61e2616d50d58f0861bd4549a3e87cac42ce9308ee52f0e717e32

Sharing

Copy URL Twitter E-mail

General

Target

4cf1338fdad61e2616d50d58f0861bd4549a3e87cac42ce9308ee52f0e717e32
Size

327KB
MD5

114039c90f4bfe8e26010f8ba644ac60
SHA1

e5bda756e552ee1fd919d87c17b81d2d5d526e28
SHA256

4cf1338fdad61e2616d50d58f0861bd4549a3e87cac42ce9308ee52f0e717e32
SHA512

353aa2bea22581ed86a6246e6f2df8238264d23112d4f52ea7c4ca710505b97470511c61bbcb82cfb65046e952fdf3b0f6362676bcbbc1e678a320f493cd0bc3
SSDEEP

6144:GBX4x335BkokuyNDADVlIgZ2fAhEoV4isxYW2G7DndRxppNsq:I2BkoMDAVE/oyxHnfp

Score

N/A

Malware Config

Signatures

Files

4cf1338fdad61e2616d50d58f0861bd4549a3e87cac42ce9308ee52f0e717e32
.exe windows x86

2b36097a69c91249822651989304e6da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
CreateEventA
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
DeleteCriticalSection
CreateFileA
LocalFree
FormatMessageA
GetModuleFileNameA
WinExec
lstrlenA
lstrcatA
DeleteFileA
GetTickCount
GetLocalTime
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
ReleaseMutex
CreateMutexA
GetPrivateProfileIntA
GetSystemInfo
GetVersionExA
lstrcpynA
GetLongPathNameA
WideCharToMultiByte
EnterCriticalSection
SetStdHandle
LoadLibraryA
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
FlushFileBuffers
SetFilePointer
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetACP
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
LeaveCriticalSection
WriteFile
ReadFile
SetEvent
GetLastError
GetProcAddress
GetModuleHandleA
OpenProcess
VirtualAllocEx
WriteProcessMemory
ReadProcessMemory
VirtualFreeEx
CloseHandle
MultiByteToWideChar
GetLocaleInfoW
OutputDebugStringA
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
HeapSize
GetCPInfo
LCMapStringW
LCMapStringA
GetCurrentProcess
TerminateProcess
HeapReAlloc
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetFileAttributesA
RaiseException
HeapFree
HeapAlloc
RtlUnwind

user32

IsWindow
InvalidateRect
SetWindowPos
GetSystemMetrics
GetWindowRect
DefWindowProcA
ReleaseDC
UpdateLayeredWindow
GetDC
DestroyWindow
PostMessageA
OffsetRect
ClientToScreen
GetWindow
FindWindowExA
FindWindowA
SendMessageA
GetWindowThreadProcessId
ScreenToClient
ShowWindow
CreateWindowExA
RegisterClassExA
LoadCursorA
DispatchMessageA
TranslateMessage
MoveWindow
GetMessageA

gdi32

CreateCompatibleDC
SelectObject
DeleteObject
DeleteDC
CreateDIBSection

advapi32

RegQueryValueA
RegOpenKeyExA
RegCreateKeyExA
RegOpenKeyA
RegCreateKeyA
RegSetValueExA
RegCloseKey
RegQueryValueExA

shell32

ShellExecuteA
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteExA
SHGetSpecialFolderLocation

ole32

CoInitialize
CoCreateInstance
CoUninitialize

wininet

InternetCloseHandle
InternetConnectA
HttpOpenRequestA
InternetReadFile
HttpEndRequestA
InternetSetStatusCallback
InternetOpenA
HttpSendRequestA
HttpSendRequestExA
InternetWriteFile

gdiplus

GdiplusShutdown
GdipDrawImagePointRectI
GdipDeleteGraphics
GdipGetImageWidth
GdipDrawImageI
GdiplusStartup
GdipLoadImageFromFile
GdipCloneImage
GdipLoadImageFromFileICM
GdipDisposeImage
GdipFree
GdipGetImageHeight
GdipCreateFromHDC
GdipAlloc

shlwapi

PathQuoteSpacesA

Sections

.text
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2b36097a69c91249822651989304e6da

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

wininet

gdiplus

shlwapi

Sections

.text Size: 116KB - Virtual size: 113KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 20KB - Virtual size: 25KB

.rsrc Size: 164KB - Virtual size: 164KB

.text
Size: 116KB - Virtual size: 113KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 20KB - Virtual size: 25KB

.rsrc
Size: 164KB - Virtual size: 164KB