4770f24a81a4517278d2b192cc079f62a27bc738526296e387e044cbf48c9ac4

Sharing

Copy URL Twitter E-mail

General

Target

4770f24a81a4517278d2b192cc079f62a27bc738526296e387e044cbf48c9ac4
Size

147KB
MD5

8e3d00804fdde9d09e2d1b8654e565a6
SHA1

a1707583416e470aacf41d3df43ac7fb49f1544b
SHA256

4770f24a81a4517278d2b192cc079f62a27bc738526296e387e044cbf48c9ac4
SHA512

4351cc85fae72244f3f588535f6f559fbe089a8d295e63e3666824402c293f0be9d55a46fa43f07174a138085820f53f7120f3179ecb58438a8cb69ea05db709
SSDEEP

3072:6mAqW1fs6Ahehi6FpTsdpJArJDdiZmGjyj+vMjuzSaPjM9cK97Sat:66W1fs6/YdXs5divTzSaPjM9Y

Score

N/A

Malware Config

Signatures

Files

4770f24a81a4517278d2b192cc079f62a27bc738526296e387e044cbf48c9ac4
.exe windows x86

06322bb424e2684181a1287ca75bb733

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

__getmainargs
wcsncmp
getenv
remove
wcscat
_stat
_wcslwr
__setusermatherr
fprintf
__set_app_type
log10
fputs
__p__commode
_cexit
_XcptFilter
__p__fmode
_initterm
_acmdln
tolower
_adjust_fdiv
wcscmp
time
_controlfp
_except_handler3
exit

kernel32

GetModuleHandleA
GetStartupInfoA
InterlockedIncrement
lstrlenW
CopyFileA
VirtualProtect
LocalAlloc

user32

PeekMessageA
EndPaint
GetSystemMetrics
GetScrollPos
SetScrollRange
PostQuitMessage
DefWindowProcA
UpdateWindow
PostMessageA
FindWindowA

comctl32

ImageList_BeginDrag
DestroyPropertySheetPage
InitCommonControls
InitCommonControlsEx
ImageList_DragShowNolock
ImageList_SetImageCount

advapi32

RegEnumKeyW
RegEnumValueW
RegDeleteKeyW
AdjustTokenPrivileges
SetSecurityDescriptorDacl
CopySid
CryptHashData
GetSecurityDescriptorDacl
GetTokenInformation
LookupPrivilegeValueA
RegDeleteValueA
RegCreateKeyExW

oleaut32

VariantCopyInd
SafeArrayPutElement
VariantInit
SafeArrayUnaccessData
SafeArrayPtrOfIndex
LoadTypeLib
VariantCopy
SysReAllocStringLen
SetErrorInfo
GetErrorInfo

version

VerQueryValueA
VerQueryValueW
VerInstallFileA
GetFileVersionInfoA
GetFileVersionInfoSizeW
VerFindFileW
GetFileVersionInfoSizeA

ole32

ProgIDFromCLSID
OleFlushClipboard
CoGetClassObject
OleInitialize
CLSIDFromString
OleDraw
IsAccelerator
CoSetProxyBlanket
StgOpenStorage
OleSetMenuDescriptor
OleUninitialize

shell32

SHGetDiskFreeSpaceExW
SHGetFileInfo
SHAddToRecentDocs
DragQueryFileW
DoEnvironmentSubstW
SHFileOperationW

gdi32

GetNearestColor
CloseMetaFile
SetStretchBltMode
SetBkMode
CreateICW

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

06322bb424e2684181a1287ca75bb733

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

comctl32

advapi32

oleaut32

version

ole32

shell32

gdi32

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 18KB - Virtual size: 40KB

.rsrc Size: 108KB - Virtual size: 108KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 18KB - Virtual size: 40KB

.rsrc
Size: 108KB - Virtual size: 108KB