4f4691cb1dca47e4b9bda87fbefea1d7485ce0809ed43e5aba1c6b6fc8dac6a8

Sharing

Copy URL Twitter E-mail

General

Target

4f4691cb1dca47e4b9bda87fbefea1d7485ce0809ed43e5aba1c6b6fc8dac6a8
Size

70KB
MD5

14439803abd44ad6cec07d0297da260b
SHA1

d65149f8bf6c4d9bf9db371c01c4ead41164af59
SHA256

4f4691cb1dca47e4b9bda87fbefea1d7485ce0809ed43e5aba1c6b6fc8dac6a8
SHA512

bb0c97b80ad7316b86d1d6265737dc552160f39e666a36bd2662cb4e3b4f64c98a87968cdc69360c26d1741c0e9018537b608088f1c56a619a084a3d973f62b7
SSDEEP

1536:1Sqtrce3JR8F6Xl6iiCKy0C6xBsNGcdz8SevE5dPGvGFyO7:1Sqtge5Q0l7sMYI2Sl5dP7FyO7

Score

N/A

Malware Config

Signatures

Files

4f4691cb1dca47e4b9bda87fbefea1d7485ce0809ed43e5aba1c6b6fc8dac6a8
.zip
pfx_LogMeIn_crt.scr
.exe windows x86

5c3a530e8ce30c7dafab1ada1478efb0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ReadFile
HeapReAlloc
GetStringTypeW
LCMapStringW
IsProcessorFeaturePresent
HeapSize
RtlUnwind
SetFilePointer
Sleep
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
WriteConsoleW
LocalFileTimeToFileTime
lstrcpyA
CreateWaitableTimerA
CloseHandle
WriteProfileStringA
GetProfileStringA
GetLocalTime
GetLastError
MulDiv
GetProfileIntA
HeapCreate
GetSystemDirectoryW
GetDateFormatA
GetUserGeoID
GetTickCount
GetUserDefaultLCID
SystemTimeToFileTime
SetWaitableTimer
HeapAlloc
lstrlenA
GetNativeSystemInfo
MultiByteToWideChar
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
WriteFile
InterlockedDecrement
GetCurrentThreadId
GetSystemTimeAsFileTime
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
CreateFileW

user32

IsRectEmpty
IsMenu
PostQuitMessage
SendDlgItemMessageA
wsprintfA
GetClientRect
SetFocus
EndPaint
SendMessageA
BeginPaint
GetMonitorInfoA
GetDC
GetWindowTextA
MessageBoxA
InvalidateRect
ReleaseDC
MonitorFromWindow
GetDlgItem
EndDialog
IsWindow
GetSystemMetrics
SetWindowTextA
GetWindowTextLengthA

gdi32

SetWindowOrgEx
BitBlt
LineTo
SetTextColor
DeleteDC
GetDeviceCaps
CreateFontIndirectA
SetBkColor
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA
GetStockObject
GetTextColor
TextOutA
MoveToEx

comdlg32

FindTextA
ReplaceTextA
ChooseColorA

advapi32

RegCloseKey
ControlService
OpenSCManagerA
RegCreateKeyExA
RegSetValueExA
DeleteService
CloseServiceHandle
OpenServiceA

shell32

SHParseDisplayName

ole32

CoInitialize

netapi32

NetWkstaUserGetInfo

msimg32

GradientFill

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c3a530e8ce30c7dafab1ada1478efb0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

netapi32

msimg32

Sections

.text Size: 55KB - Virtual size: 54KB

.rdata Size: 21KB - Virtual size: 20KB

.data Size: 13KB - Virtual size: 21KB

.rsrc Size: 25KB - Virtual size: 24KB

.text
Size: 55KB - Virtual size: 54KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 13KB - Virtual size: 21KB

.rsrc
Size: 25KB - Virtual size: 24KB