4bbd7334b821e6fde10ade084cbb7d0941026998419998a1ba2b1ae6bd8dde34

Sharing

Copy URL Twitter E-mail

General

Target

4bbd7334b821e6fde10ade084cbb7d0941026998419998a1ba2b1ae6bd8dde34
Size

1.2MB
MD5

f6e656b6e83247a24b7a6ab36b7c30c2
SHA1

a04eb0175c3ddc65d92dd54ff0aa65ef67b4e3f6
SHA256

4bbd7334b821e6fde10ade084cbb7d0941026998419998a1ba2b1ae6bd8dde34
SHA512

ac496b01ff7ae93d24c19ab140177a29d0fdde1225d6b54033b453eae4ed001d9af2e6150d585e66923b1eda2e2955104bfd27b42cda7791c1dec46d61ba3be3
SSDEEP

24576:WEOXiJn0JPeMn7j1aMVngxGCKA+xB2NhKkpQH:9kiW7jTVnxSK

Score

N/A

Malware Config

Signatures

Files

4bbd7334b821e6fde10ade084cbb7d0941026998419998a1ba2b1ae6bd8dde34
.exe windows x86

d16e9073428f2b62f9f02cb3a3d2a3e3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileW
FindFirstFileW
MoveFileW
DeleteFileW
TlsAlloc
GetFileAttributesExW
GetModuleFileNameW
GetFileAttributesW
GetCommandLineW
VerSetConditionMask
VerifyVersionInfoW
GetStdHandle
GetFileType
SetLastError
GetConsoleOutputCP
GetModuleHandleA
Sleep
QueryPerformanceCounter
ReleaseSemaphore
ResetEvent
GetModuleFileNameA
MultiByteToWideChar
lstrlenW
DisableThreadLibraryCalls
GetVersionExW
CreateEventW
CloseHandle
SetEvent
WaitForSingleObject
GetProcessHeap
TlsFree
InterlockedIncrement
GetModuleHandleW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcmpW
SetThreadPriority
IsProcessorFeaturePresent
DebugBreak
QueryPerformanceFrequency
MulDiv
HeapAlloc
InterlockedCompareExchange
CreateEventA
WideCharToMultiByte
OutputDebugStringA
RtlUnwind
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetVersion
LocalAlloc
GetEnvironmentStrings
GetEnvironmentStringsW
GetDiskFreeSpaceA
SystemTimeToFileTime
GlobalMemoryStatus
GetConsoleAliasExesLengthW
AddConsoleAliasW
GetLocalTime
CreateFileW
SetFilePointerEx
TlsSetValue
FreeLibrary
OutputDebugStringW
GetStartupInfoA
CreateFileA
ExitProcess
CreateDirectoryExW
HeapFree
ExitThread
GetConsoleAliasesW

user32

EnumDisplayMonitors
FillRect
GetDC
GetDesktopWindow
EnumDisplaySettingsW
InvalidateRect
EnumDisplayDevicesW
IsIconic
MapWindowPoints
MonitorFromWindow
DefWindowProcW
SetForegroundWindow
SetWindowLongW
MonitorFromRect
GetForegroundWindow
GetWindowRect
RegisterClassW
CreateWindowExW
IsWindow
CharNextA
LoadStringW
IntersectRect

advapi32

IsTextUnicode
RegCloseKey
RegCreateKeyW
RegSetValueW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExW
RegQueryValueExW

ole32

CoTaskMemAlloc
CoTaskMemFree
PropVariantCopy
CoCreateInstance
CoUninitialize
StringFromGUID2
CoFreeUnusedLibraries

msvcrt

malloc
free

winmm

timeBeginPeriod
timeEndPeriod

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d16e9073428f2b62f9f02cb3a3d2a3e3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

winmm

Sections

.text Size: 120KB - Virtual size: 119KB

.idata Size: 8KB - Virtual size: 4KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 108KB - Virtual size: 2.7MB

.rsrc Size: 32KB - Virtual size: 28KB

.text
Size: 120KB - Virtual size: 119KB

.idata
Size: 8KB - Virtual size: 4KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 108KB - Virtual size: 2.7MB

.rsrc
Size: 32KB - Virtual size: 28KB