4ff017e4bc1faf6e66d622c531647e266a1e68e63f353309fb93cae88cea3c44

Sharing

Copy URL Twitter E-mail

General

Target

4ff017e4bc1faf6e66d622c531647e266a1e68e63f353309fb93cae88cea3c44
Size

218KB
MD5

2334eabc119eee42a7764c0559dc7ea0
SHA1

a0cfd982db00bae322f9f768de734da9e1aef52d
SHA256

4ff017e4bc1faf6e66d622c531647e266a1e68e63f353309fb93cae88cea3c44
SHA512

28064f655875065f4e13fc17b9148cd567aa7c83542e9057f6db36ea3d2fd26ae26c76ef5603418db44f87f999ce7ab8d9886c4392ab6f3fd184aa3cba2df43c
SSDEEP

3072:uBvRIxbjtOpC5+WO1qxXDODvyYIDseYgmkdLdRDnsdlK:EGxQqO1qxXDODvyYIDseYgmk/RTKK

Score

N/A

Malware Config

Signatures

Files

4ff017e4bc1faf6e66d622c531647e266a1e68e63f353309fb93cae88cea3c44
.exe windows x86

806d823699d84a3bef64eb4281972853

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
TlsAlloc
TlsFree
DeleteFileW
MoveFileW
GetWindowsDirectoryW
GetSystemDirectoryW
IsDBCSLeadByte
SetErrorMode
SizeofResource
LoadResource
LockResource
TlsSetValue
InterlockedExchangeAdd
GetFileSize
lstrcpyA
GetFullPathNameA
TlsGetValue
GetFileTime
SetFileTime
EnterCriticalSection
GetModuleFileNameA
GetProfileSectionW
GetProfileSectionA
CompareStringW
CreateFileW
CreateFileA
GetStringTypeExW
GetStringTypeExA
LocalReAlloc
GetACP
lstrcmpiW
MulDiv
GlobalHandle
GlobalSize
GlobalReAlloc
GlobalFlags
GlobalFree
GlobalAlloc
SetFilePointer
CloseHandle
WaitForSingleObject
ReadFile
IsBadWritePtr
FindAtomA
GetSystemDefaultLangID
DeleteCriticalSection
InitializeCriticalSection
lstrlenA
GetLocaleInfoW
IsBadReadPtr
LocalLock
WideCharToMultiByte
GetSystemDefaultLCID
LeaveCriticalSection
FindAtomW
GetProfileIntA
QueryPerformanceCounter
InterlockedExchange
UnhandledExceptionFilter
FindFirstFileW
GetFileAttributesW
LocalFree
VerSetConditionMask
VerifyVersionInfoW
MultiByteToWideChar
GetFileType
WriteConsoleW
SetLastError
GetConsoleOutputCP
GetLastError
lstrlenW
GetModuleHandleW
lstrcpynW
GetModuleFileNameW
GetModuleHandleA
GetVersion
GlobalLock
GlobalUnlock
FreeLibrary
LocalAlloc
GetExitCodeProcess
OutputDebugStringW
CreateDirectoryExW
RemoveDirectoryW
ExitThread
WriteFile

user32

GetSysColor
GetKeyState
PtInRect
GetWindowRect
ScreenToClient
GetCursorPos
DrawFocusRect
UpdateWindow
SetWindowPos
InvalidateRect
InflateRect
EndPaint
BeginPaint
MoveWindow
ClientToScreen
CreateWindowExA
ReleaseDC
GetDC
IsWindowUnicode
ActivateKeyboardLayout
CopyRect
InvertRect
ReleaseCapture
GetAsyncKeyState
SetCapture
TrackPopupMenu
RegisterClipboardFormatA
DestroyMenu
SetFocus
DestroyCaret
GetFocus
IsWindowVisible
SetScrollRange
SetScrollPos
HideCaret
GetDoubleClickTime
RegisterClassA
UnregisterClassW
CharUpperBuffW
CharLowerA
GetKeyboardLayoutList
GetKeyboardLayout
LoadCursorA
LoadBitmapW
LoadBitmapA
GetClassLongW
GetClassLongA
DefWindowProcW
DefWindowProcA
wvsprintfA
EnableScrollBar
ShowScrollBar
ShowCaret
CharUpperW
GetClipboardData
GetClipboardOwner
OpenClipboard
EmptyClipboard
CloseClipboard
SetClipboardData
IsClipboardFormatAvailable
GetCaretPos
GetCapture
IsChild
GetForegroundWindow
WindowFromPoint
SystemParametersInfoW
GetDesktopWindow
IsWindow
GetWindow
ScrollWindowEx
KillTimer
SetCaretPos
DialogBoxParamW
LoadStringW
WinHelpW
GetDlgItem
SetWindowLongW
GetWindowLongW
GetParent
EnableWindow
DrawFrameControl
SetCursor
DestroyWindow
UnregisterClassA
WindowFromDC
GetCursor

advapi32

DeregisterEventSource
RegQueryValueExA
RegEnumKeyExA
RegQueryValueExW
ReportEventA

ole32

ReleaseStgMedium

msvcrt

malloc
fgetwc
atol
sprintf
wcsncpy
wcslen
memmove
fwprintf
vswprintf
vfwprintf
free
fprintf

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

806d823699d84a3bef64eb4281972853

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

Sections

.text Size: 36KB - Virtual size: 35KB

.idata Size: 8KB - Virtual size: 6KB

.rdata Size: 64KB - Virtual size: 60KB

.data Size: 84KB - Virtual size: 2.6MB

.rsrc Size: 20KB - Virtual size: 18KB

.text
Size: 36KB - Virtual size: 35KB

.idata
Size: 8KB - Virtual size: 6KB

.rdata
Size: 64KB - Virtual size: 60KB

.data
Size: 84KB - Virtual size: 2.6MB

.rsrc
Size: 20KB - Virtual size: 18KB