4b8fbe449271f30e2f0437205458aac293c9aa0c75b138afaa91d62668d2bc2a

Sharing

Copy URL Twitter E-mail

General

Target

4b8fbe449271f30e2f0437205458aac293c9aa0c75b138afaa91d62668d2bc2a
Size

264KB
MD5

21444237f2ed8002f5b58a0e9226fb26
SHA1

1360ac1f221f8dd4a1fc0bb902ee5a6f1c327913
SHA256

4b8fbe449271f30e2f0437205458aac293c9aa0c75b138afaa91d62668d2bc2a
SHA512

89a1458f0999caf9a604d645978db091db843afe61cf38c08ff5e604589e5dbf029536bd3dcea33787655bd1d8f18dda553eee9d79bf67e1bbef2fa90e0f566c
SSDEEP

6144:6gDEUA9tN2CVwoWDBZfI9LGNONrNI21yixbISnzu:6IDA9LWlZA9aInAQb

Score

N/A

Malware Config

Signatures

Files

4b8fbe449271f30e2f0437205458aac293c9aa0c75b138afaa91d62668d2bc2a
.exe windows x86

9db8bc4a9658dad8da68a7be1f69b945

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenMutexA
VirtualFree
LoadLibraryA
SetFilePointer
GetStartupInfoA
UnhandledExceptionFilter
FreeEnvironmentStringsW
InterlockedDecrement
HeapDestroy
TlsSetValue
GetStdHandle
GetFileType
HeapCreate
GetModuleFileNameW
VirtualQuery
GetEnvironmentStringsW
GetCurrentProcessId
lstrcpynW
LocalCompact
GetVersion
SetStdHandle
GetStartupInfoW
CompareStringW
VirtualQueryEx
LCMapStringW
GetProcAddress
GetDiskFreeSpaceA
ReadConsoleOutputA
InitializeCriticalSection
GetEnvironmentStrings
SetHandleCount
SetEnvironmentVariableA
TlsAlloc
GetCompressedFileSizeW
GetCommandLineW
GetTickCount
GetModuleFileNameA
InterlockedExchange
LeaveCriticalSection
ReadFile
GetWindowsDirectoryA
WideCharToMultiByte
FreeEnvironmentStringsA
EnumResourceLanguagesA
CommConfigDialogA
HeapFree
HeapReAlloc
FlushFileBuffers
GetACP
VirtualLock
GetStringTypeW
SetLastError
TlsGetValue
CreateMutexA
lstrcmpW
InterlockedIncrement
GetModuleHandleA
HeapAlloc
GetCPInfo
MultiByteToWideChar
EnterCriticalSection
TlsFree
CloseHandle
GetCurrentProcess
ExitProcess
GetCurrentThread
DeleteCriticalSection
IsBadReadPtr
CreateSemaphoreW
InterlockedCompareExchange
GetSystemTime
QueryPerformanceCounter
WriteFile
CompareStringA
GetLocaleInfoA
VirtualAlloc
ConnectNamedPipe
GetProcessHeaps
GetStringTypeA
GetLastError
IsBadWritePtr
GetLocalTime
GetTimeZoneInformation
GetCommandLineA
GetCurrentThreadId
GetSystemTimeAsFileTime
LCMapStringA
RtlUnwind
GlobalSize
TerminateProcess

shell32

DragQueryFile
SHQueryRecycleBinW

wininet

FindCloseUrlCache
InternetGetConnectedState

advapi32

RegEnumKeyW
RegEnumValueW
CryptSetProviderA
CryptGetHashParam
RegRestoreKeyA
GetUserNameA
LookupAccountNameA
LookupSecurityDescriptorPartsA
RegDeleteKeyA
CryptGetProvParam
CryptSetProvParam
CreateServiceA
CryptGetDefaultProviderW
RegSetValueExA
CryptDeriveKey
RegDeleteValueA
InitiateSystemShutdownA
CryptSetProviderExW
RevertToSelf
CryptGenKey
StartServiceW
StartServiceA
AbortSystemShutdownA
RegEnumKeyA
RegEnumValueA

user32

GetTitleBarInfo
InvalidateRect
SetMenuItemBitmaps
GetWindowTextLengthA
EqualRect
TileWindows
PeekMessageA
AdjustWindowRect
ChangeMenuW
GetDesktopWindow
MessageBoxA
ReuseDDElParam
CreateWindowExW
RegisterClassExA
DestroyWindow
InsertMenuA
OpenInputDesktop
RegisterClassA
DefWindowProcW
EmptyClipboard
WaitMessage
TrackMouseEvent
InvalidateRgn
ShowWindow

comctl32

ImageList_DragEnter
ImageList_GetFlags
ImageList_Replace
CreateStatusWindowW
ImageList_SetIconSize
InitCommonControlsEx
ImageList_SetFlags
DrawStatusText
ImageList_LoadImage
ImageList_GetDragImage
CreateStatusWindow
ImageList_SetBkColor
ImageList_Remove
ImageList_DragMove
ImageList_GetImageRect
ImageList_ReplaceIcon
CreatePropertySheetPage
MakeDragList
ImageList_LoadImageW
InitMUILanguage
ImageList_DragShowNolock
ImageList_Write
ImageList_Copy
ImageList_DrawIndirect

comdlg32

ChooseColorA

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9db8bc4a9658dad8da68a7be1f69b945

Headers

File Characteristics

Imports

kernel32

shell32

wininet

advapi32

user32

comctl32

comdlg32

Sections

.text Size: 111KB - Virtual size: 110KB

.rdata Size: 54KB - Virtual size: 68KB

.data Size: 90KB - Virtual size: 90KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 111KB - Virtual size: 110KB

.rdata
Size: 54KB - Virtual size: 68KB

.data
Size: 90KB - Virtual size: 90KB

.rsrc
Size: 7KB - Virtual size: 7KB