449a5bea1d1b9cb5a2beb9f56f0dea7e4c68b1335cd95774713e6dcd91f7fc11

Sharing

Copy URL Twitter E-mail

General

Target

449a5bea1d1b9cb5a2beb9f56f0dea7e4c68b1335cd95774713e6dcd91f7fc11
Size

190KB
MD5

fdae3542b17e20a22de4a9d3c47a4a7b
SHA1

a6ef3cd7478978209be9850bdab2f33515253dd0
SHA256

449a5bea1d1b9cb5a2beb9f56f0dea7e4c68b1335cd95774713e6dcd91f7fc11
SHA512

75104ddca2b1210af592cb18af8e050fc4cff64760e1969766bb230dc32fa861ff852e78fd73de82d758b51673a6f7fd35e170cedb7b6876135bc606a8a0e052
SSDEEP

3072:YKqviJzCD85k/5yQ/kw9xyA22NHeBQav0h2v:YKqaJz5k/f/kwtvNWQavc

Score

N/A

Malware Config

Signatures

Files

449a5bea1d1b9cb5a2beb9f56f0dea7e4c68b1335cd95774713e6dcd91f7fc11
.exe windows x86

c35da32d6da7bc75205cda884fa44244

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetThreadLocale
GetProcAddress
GetProcessHeaps
GetPrivateProfileStringA
GetLocalTime
LoadLibraryA
QueryDosDeviceW
GetModuleFileNameA
GetPrivateProfileSectionA
GetFileTime
GetVersionExA
CloseHandle
FindFirstVolumeW
GetFileInformationByHandle
SetStdHandle
WriteConsoleW
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapReAlloc
GetStringTypeW
MultiByteToWideChar
LCMapStringW
RtlUnwind
HeapSize
SetThreadLocale
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapCreate
IsProcessorFeaturePresent
GetModuleFileNameW
GetStdHandle
WriteFile
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LoadLibraryW
SetCurrentDirectoryA
FileTimeToSystemTime
GetVolumePathNamesForVolumeNameW
FindNextVolumeW
GetTimeFormatW
GetDateFormatA
SetFileTime
ExpandEnvironmentStringsA
GetCurrentThread
ExitProcess
GetTimeFormatA
GetCurrentProcess
HeapAlloc
SystemTimeToTzSpecificLocalTime
lstrcpynA
GetLocaleInfoA
FindVolumeClose
GetFileSize
GetDateFormatW
GetEnvironmentVariableW
GetCommandLineW
Sleep
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapFree
DecodePointer
GetModuleHandleW
CreateFileW

user32

DestroyIcon
GetKeyboardLayoutNameA
FindWindowA
EnableWindow
RegisterClassA
LoadCursorA
GetKeyboardLayoutList
CopyRect
EndPaint
GetMessageA
SetActiveWindow
RegisterClassExA
PostQuitMessage
IsIconic
FillRect
GetMenuItemID
SetForegroundWindow
LoadStringA
LoadIconA
wsprintfA
GetClientRect
BeginPaint
GetDC
TranslateMessage
SetSysColors
GetMenu
SetRect
OemToCharA
MessageBoxA
InvalidateRect
GetWindowLongA
CreateWindowExA
ReleaseDC
DefWindowProcA
GetMenuStringA
ShowWindow
CreatePopupMenu
GetMenuItemCount
PostMessageA
DispatchMessageA
MessageBoxW
GetSystemMetrics
IsWindowVisible
LoadImageA
SendMessageW
UpdateWindow

gdi32

SetViewportOrgEx
CreateFontIndirectW
CreatePalette
DeleteObject
RealizePalette
SelectPalette
GetSystemPaletteEntries
SetSystemPaletteUse
CreateSolidBrush

comdlg32

FindTextW
ChooseFontW

advapi32

FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
SetEntriesInAclA
OpenThreadToken
OpenProcessToken

shell32

CommandLineToArgvW
Shell_NotifyIconA

ole32

OleCreateFromFile
StgCreateDocfile
OleInitialize
CreateStreamOnHGlobal

msvfw32

ICCompressorFree
ICCompressorChoose

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c35da32d6da7bc75205cda884fa44244

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

msvfw32

version

Sections

.text Size: 49KB - Virtual size: 48KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 18KB - Virtual size: 26KB

.rsrc Size: 81KB - Virtual size: 80KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 49KB - Virtual size: 48KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 18KB - Virtual size: 26KB

.rsrc
Size: 81KB - Virtual size: 80KB

.reloc
Size: 7KB - Virtual size: 6KB