4869016902c73b5de4ca55a05b8b81453190169c36b880f2838936c68c421684

Sharing

Copy URL Twitter E-mail

General

Target

4869016902c73b5de4ca55a05b8b81453190169c36b880f2838936c68c421684
Size

241KB
MD5

e9fe969659b13312d1897a3e93fc2956
SHA1

92127989baca2a131c98fd57832a06b81b55a15d
SHA256

4869016902c73b5de4ca55a05b8b81453190169c36b880f2838936c68c421684
SHA512

0849285b5b9329577d33c50bb8bc2f94288a3a94439fc735a49682f5b8339df9151ab90bfa3a7e82e67daf9d01a53ef770a7b2fddb66d6e08807aedd27303ca3
SSDEEP

6144:zcaQWt/9TAOf5E6rL69RrzTY5w4K2JX68:4azt/9Tpn6jY5w4dT

Score

N/A

Malware Config

Signatures

Files

4869016902c73b5de4ca55a05b8b81453190169c36b880f2838936c68c421684
.exe windows x86

93292aa353c54f5c15f26e231eeee651

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

HeapReAlloc
GetStringTypeW
LCMapStringW
HeapSize
RaiseException
Sleep
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LoadLibraryW
CloseHandle
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
GetLastError
MultiByteToWideChar
CreateFileW
ReadFile
HeapCreate
QueryPerformanceCounter
InterlockedDecrement
GetCurrentThreadId
SetLastError
GetProcessHeap
HeapFree
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
HeapAlloc
GetFileSize
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
DecodePointer
EncodePointer
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection

user32

GetForegroundWindow
CheckMenuItem
SetWindowTextW
MapWindowPoints
CountClipboardFormats
DestroyWindow
SetTimer
GetWindowRect
PostQuitMessage
KillTimer
GetParent
LoadImageA
SendMessageA
GetDC
MessageBeep
SetDlgItemInt
GetMenu
MessageBoxA
InvalidateRect
EnableMenuItem
SetClassLongA
GetDlgItem
DefWindowProcA
RedrawWindow

gdi32

GetStockObject
CreateDCA

advapi32

SetTokenInformation
AllocateAndInitializeSid
FreeSid

ole32

OleCreate

version

GetFileVersionInfoW

comctl32

ImageList_Destroy

wintrust

WinVerifyTrust

secur32

AcquireCredentialsHandleA
InitSecurityInterfaceA

imm32

ImmGetContext
ImmGetOpenStatus

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93292aa353c54f5c15f26e231eeee651

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

version

comctl32

wintrust

secur32

imm32

Sections

.text Size: 63KB - Virtual size: 63KB

.rdata Size: 49KB - Virtual size: 48KB

.data Size: 98KB - Virtual size: 101KB

.rsrc Size: 29KB - Virtual size: 28KB

.text
Size: 63KB - Virtual size: 63KB

.rdata
Size: 49KB - Virtual size: 48KB

.data
Size: 98KB - Virtual size: 101KB

.rsrc
Size: 29KB - Virtual size: 28KB