04791873b7ff7a3951ceaebaffa6a724df953ad90f5d32d1e8d4a20e1b61c640

Sharing

Copy URL Twitter E-mail

General

Target

04791873b7ff7a3951ceaebaffa6a724df953ad90f5d32d1e8d4a20e1b61c640
Size

445KB
MD5

c70c2274af594b3b3a5569ef7366ae90
SHA1

179d8fc0f2f7fbcdb1b3adea83a78b8a8696eb0c
SHA256

04791873b7ff7a3951ceaebaffa6a724df953ad90f5d32d1e8d4a20e1b61c640
SHA512

0b74034e8cf8a0b7a2e4f171c7c7778666818973f798520db7675774b178eeab8781308a0372119faacad3ea65e4d220887f706177783037b5f7cfa04f6745aa
SSDEEP

12288:yy5MX2LWdqqLIagTa4O7jXBquxtD8z6stROW7kM:6UqtglYtqM8mstRO/

Score

N/A

Malware Config

Signatures

Files

04791873b7ff7a3951ceaebaffa6a724df953ad90f5d32d1e8d4a20e1b61c640
.exe windows x86

0b547321b8f7655a2383af44c64656ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetSetDialStateA
InternetAutodial
HttpQueryInfoW
HttpAddRequestHeadersW

advapi32

CryptSetProviderW

kernel32

GetCurrentThread
LoadLibraryA
DeleteCriticalSection
WriteFile
TlsFree
GetTickCount
TlsAlloc
GetSystemTimeAsFileTime
GetCurrentThreadId
GetLastError
HeapDestroy
HeapFree
ReadFileEx
CreateProcessW
GetCurrentProcessId
GetPrivateProfileSectionW
GetCurrentProcess
InterlockedExchange
GetEnvironmentStringsW
WriteConsoleInputA
ReadConsoleOutputAttribute
GetCommandLineA
MultiByteToWideChar
lstrcpynW
GetThreadPriority
HeapReAlloc
GetModuleFileNameA
SetConsoleCursorPosition
IsBadWritePtr
GetStartupInfoA
GetVersion
GetFileType
SetLastError
FreeEnvironmentStringsA
GetSystemDirectoryW
GetStartupInfoW
LeaveCriticalSection
TlsSetValue
TlsGetValue
GetEnvironmentStrings
VirtualFree
GetFileTime
TerminateProcess
MapViewOfFileEx
GetModuleFileNameW
QueryPerformanceCounter
GetModuleHandleA
SetVolumeLabelW
GetCommandLineW
WriteConsoleW
GetProcAddress
HeapCreate
HeapAlloc
FindFirstFileExW
OpenMutexW
FoldStringW
FreeEnvironmentStringsW
GlobalSize
GetStdHandle
VirtualAlloc
EnterCriticalSection
ExitProcess
InitializeCriticalSection
VirtualQuery
UnhandledExceptionFilter
RtlUnwind
SetHandleCount

gdi32

EnumFontFamiliesA
SetViewportExtEx
SetBitmapDimensionEx
GetTextExtentPoint32W
FillPath
SetLayout
SetWorldTransform
GetPolyFillMode
FixBrushOrgEx
GetViewportOrgEx
CreateDIBPatternBrush
AddFontResourceA
GetBrushOrgEx
SetStretchBltMode
GdiGetBatchLimit
SetRectRgn
GetBitmapBits
GetDeviceCaps
PolyTextOutA

user32

CopyAcceleratorTableA
GetClipCursor
GetScrollPos

comdlg32

GetOpenFileNameW

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 318KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b547321b8f7655a2383af44c64656ee

Headers

File Characteristics

Imports

wininet

advapi32

kernel32

gdi32

user32

comdlg32

Sections

.text Size: 109KB - Virtual size: 108KB

.rdata Size: 4KB - Virtual size: 11KB

.data Size: 318KB - Virtual size: 318KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 109KB - Virtual size: 108KB

.rdata
Size: 4KB - Virtual size: 11KB

.data
Size: 318KB - Virtual size: 318KB

.rsrc
Size: 12KB - Virtual size: 12KB