5498945d745d09948fd4328f7da6d71ae442e0e80242dd5f66a247e30d40a22e

Sharing

Copy URL

Twitter E-mail

General

Target

5498945d745d09948fd4328f7da6d71ae442e0e80242dd5f66a247e30d40a22e
Size

452KB
MD5

a7199d2ff40258ac7427ce9b513fe3fe
SHA1

a9eecc7ad31d4d57cb6ff57b1588f18e4830bcc2
SHA256

5498945d745d09948fd4328f7da6d71ae442e0e80242dd5f66a247e30d40a22e
SHA512

26a5d17a002f5c4b5c6019d29d4c45516a204df86f2c9d1f5495219ab6baacd77643075915a839053058cbbd3ed547c43cd9228698e31975536144e0da4df8ae
SSDEEP

12288:rj93DcSMTXXAi7bCqoEozFGPCUo0G9o5/AWZn+j:9TXri7bNoFzwPCUor9KVEj

Score

N/A

Malware Config

Signatures

Files

5498945d745d09948fd4328f7da6d71ae442e0e80242dd5f66a247e30d40a22e
.exe windows x86

9338e26defae8b66dcaef90c3db63610

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

version

VerLanguageNameW
VerFindFileW
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoA
VerLanguageNameA
GetFileVersionInfoSizeA
VerInstallFileW
GetFileVersionInfoSizeW
VerQueryValueA
VerFindFileA
VerInstallFileA

kernel32

GetCurrentProcess
GetCurrentThreadId
SetEvent
HeapAlloc
ResetEvent
CloseHandle
GetVersionExA
CreateEventA
ExitProcess
GetTickCount
lstrlenA
GetStartupInfoA
HeapFree
FindFirstFileW
QueryPerformanceCounter
GetProcessHeap
GetModuleHandleA
GetVersionExW
lstrcmpA
VirtualAlloc
GetCurrentProcessId

user32

GetDC
GetMenu
GetSysColorBrush

olesvr32

SendDataMsg
OleRegisterServer
OleRevertServerDoc
ItemWndProc
TerminateDocClients
SrvrWndProc
EnumForTerminate
OleRevokeServer
SendRenameMsg
DeleteClientInfo
OleSavedServerDoc
OleRevokeServerDoc
OleQueryServerVersion
ItemCallBack
OleRenameServerDoc
OleRevokeObject
OleBlockServer
OleRegisterServerDoc
FindItemWnd
OleUnblockServer
WEP
TerminateClients
DocWndProc

msvcrt

__setusermatherr
_acmdln
_initterm
__p__fmode
_adjust_fdiv
__p__commode
_exit
_except_handler3
exit
_controlfp
__getmainargs
_XcptFilter
__set_app_type

olepro32

OleTranslateColor

cnvfat

ConvertFAT

comsvcs

SafeRef
MTSCreateActivity
GetObjectContext
CosGetCallContext
DllGetClassObject
MiniDumpW
DllCanUnloadNow
ComSvcsLogError
ComSvcsExceptionFilter
CoLoadServices
DllUnregisterServer
DllRegisterServer

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 304KB - Virtual size: 303KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9338e26defae8b66dcaef90c3db63610

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

olesvr32

msvcrt

olepro32

cnvfat

comsvcs

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 141KB - Virtual size: 141KB

.data Size: 304KB - Virtual size: 303KB

.reloc Size: 1024B - Virtual size: 940B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 141KB - Virtual size: 141KB

.data
Size: 304KB - Virtual size: 303KB

.reloc
Size: 1024B - Virtual size: 940B