4dbd1a1c3ba0967049a9fab22dcb901c2a3dc7ee339cea46712a91fe531f9111

Sharing

Copy URL Twitter E-mail

General

Target

4dbd1a1c3ba0967049a9fab22dcb901c2a3dc7ee339cea46712a91fe531f9111
Size

220KB
MD5

10c76deff1681b25e5e1444da4192a90
SHA1

7555fc2964c1f9e76c061053ee25321214b63cec
SHA256

4dbd1a1c3ba0967049a9fab22dcb901c2a3dc7ee339cea46712a91fe531f9111
SHA512

26aa73af775986f6207ab00a29fd54d314734c28b3fbf85f11ad2c985ca622c2c5a375abecd5c5258683c9a91b31fd3ba0a7626ef3ddd9b3082fd895d0351f22
SSDEEP

3072:IGUZbZ4Ue+gYfb0627wiKVg5m5Wux3ShesuujQf2LkiCXl5/MMzu//ZaGD:IL/e+PmwxSJ5gxu/xzD

Score

N/A

Malware Config

Signatures

Files

4dbd1a1c3ba0967049a9fab22dcb901c2a3dc7ee339cea46712a91fe531f9111
.exe windows x86

b16cf117ca9e882db02f4d0ecb0421f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

storm

ord253
ord252
ord269
ord267
ord266

fog

ord10019
gdwInvBitMasks
gdwBitMasks
ord10022
ord10029

ddraw

DirectDrawEnumerateA
DirectDrawCreate

user32

LoadStringA
LoadCursorA
DialogBoxIndirectParamA
DialogBoxParamA
wvsprintfA
CreateDialogIndirectParamA
CreateDialogParamA
CreateWindowExA
EnumDisplaySettingsA
SetCursor
DefWindowProcA
RegisterClassA
SendMessageA
PostMessageA
SetForegroundWindow
SetActiveWindow
SetFocus
BringWindowToTop
GetWindowTextA
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
EndDialog
MessageBoxA
DestroyWindow
UnregisterClassA
ShowWindow
GetDlgItem
SetWindowTextA

gdi32

GetStockObject

kernel32

RtlUnwind
TlsGetValue
WideCharToMultiByte
CloseHandle
FlushFileBuffers
LCMapStringW
LCMapStringA
ReadFile
SetStdHandle
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
TlsSetValue
lstrlenA
SleepEx
CreateThread
GetLastError
CreateEventA
SetLastError
GetProcAddress
LoadLibraryA
LockResource
LoadResource
FindResourceExA
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
lstrcpynA
TerminateProcess
GetCurrentProcess
GetEnvironmentStringsW
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCurrentThreadId
GetEnvironmentVariableA
TlsAlloc
GetVersionExA
InterlockedDecrement
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
HeapCreate
SetHandleCount
GetStdHandle
GetFileType
SetFilePointer
InterlockedIncrement
HeapDestroy
VirtualFree
HeapFree
WriteFile
HeapReAlloc
HeapAlloc
HeapSize

advapi32

RegDeleteValueA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b16cf117ca9e882db02f4d0ecb0421f3

Headers

File Characteristics

Imports

storm

fog

ddraw

user32

gdi32

kernel32

advapi32

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 24KB - Virtual size: 45KB

.rsrc Size: 124KB - Virtual size: 123KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 24KB - Virtual size: 45KB

.rsrc
Size: 124KB - Virtual size: 123KB