d4044b03860cfb2ddb4d2a2be709311c6205a68563210808e979997fdd57c268

Sharing

Copy URL Twitter E-mail

General

Target

d4044b03860cfb2ddb4d2a2be709311c6205a68563210808e979997fdd57c268
Size

377KB
MD5

169dc7c1605a5292327f6479ed4467c1
SHA1

d3c797b4b7e154e30aa79d4cab48019737269901
SHA256

d4044b03860cfb2ddb4d2a2be709311c6205a68563210808e979997fdd57c268
SHA512

e875764c6ea95e11b191a62e0e9df8840c6be80997f78a5b51ff8bffdd741fd93d7e9d5b06070d142e1d99a88f50c7e764d9ffecb125cfabcf8f561731043919
SSDEEP

6144:43FQV/MeqPEfIqeApzPPxCZiv2xDDkP3w1WceN2wctQycJCk/Gk0EhrHmlA9ve8:43mV/MeqPEQqeApzX8ZN9K3OWchwcSyN

Score

N/A

Malware Config

Signatures

Files

d4044b03860cfb2ddb4d2a2be709311c6205a68563210808e979997fdd57c268
.exe windows x86

e41eba7e0969762a9a5d21cdc16146e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrcatW
CreateFileW
VirtualAlloc
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
LocalAlloc
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleA
GetStartupInfoW
CreateDirectoryW
GetFileAttributesW
GetComputerNameW
lstrcpyW
LoadLibraryW
GetLastError
FreeLibrary
TerminateProcess
LocalFree
GlobalAlloc
GetProcAddress
FormatMessageW
GetComputerNameExW
LoadLibraryA
lstrcmpiW

user32

GetSysColor
LoadCursorW
MsgWaitForMultipleObjects
PeekMessageW
TranslateMessage
SetCursor
DispatchMessageW
LoadBitmapW
GetDlgItem
GetSystemMetrics
EndDialog
DialogBoxParamW
GetShellWindow
SetWindowPos
DrawTextW
GetParent
LoadStringW
GetWindowTextW
MessageBoxW
ExitWindowsEx
PostMessageW
MessageBeep
SendMessageW
GetWindowRect
GetDC
ReleaseDC

gdi32

GetStockObject
CreateFontIndirectW
DeleteObject
GetDeviceCaps
CreateSolidBrush
GetTextExtentPointW
SetBkColor
ExtTextOutW
CreateCompatibleDC
GetObjectW
BitBlt
SelectObject

msvcrt

__CxxFrameHandler
iswspace
_wcsnicmp
wcslen
memmove
towupper
_c_exit
_XcptFilter
_cexit
exit
_wcmdln
__wgetmainargs
_initterm
wcschr
wcsrchr
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
_controlfp
_exit
wcscmp

advapi32

RegOpenKeyExW
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
FreeSid
GetLengthSid
AddAccessAllowedAce
MakeSelfRelativeSD
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
InitializeAcl
MapGenericMask
AllocateAndInitializeSid
LookupAccountNameW
GetSecurityDescriptorLength
GetSecurityDescriptorControl

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 291KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e41eba7e0969762a9a5d21cdc16146e6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

advapi32

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 60KB - Virtual size: 59KB

.data Size: 291KB - Virtual size: 291KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 60KB - Virtual size: 59KB

.data
Size: 291KB - Virtual size: 291KB

.rsrc
Size: 1KB - Virtual size: 1KB