49e9d8fa1e0dd814c589b23ea373930c2c6254167c84a4732c2cbe094b85f3da

Sharing

Copy URL Twitter E-mail

General

Target

49e9d8fa1e0dd814c589b23ea373930c2c6254167c84a4732c2cbe094b85f3da
Size

526KB
MD5

e6b15534988d82d4754e49283a31bef7
SHA1

b399972b0716d759144a724565f5e5fba3091d3a
SHA256

49e9d8fa1e0dd814c589b23ea373930c2c6254167c84a4732c2cbe094b85f3da
SHA512

551d6c51e1cff302af4a69dae53a29d05989dae46a7ba97a66b327dd023ac9123bcf2a905e2f95fcf93c0b93d5aada4b738aa0fc2e6dffa361e64a4177e4367c
SSDEEP

6144:KzWnkGN8ZSqmnqCM96M/2CToSh5vvm9dhKn3Zd88ptqLf+8aOx3rYEKg2eLpgiNp:KzWluZSvwx/2SfvW9dhKpe8Paf+pUFg

Score

N/A

Malware Config

Signatures

Files

49e9d8fa1e0dd814c589b23ea373930c2c6254167c84a4732c2cbe094b85f3da
.exe windows x86

0b8cf36ef4b3b163474d6ec54187e47c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetUserNameW
CryptSetHashParam
InitiateSystemShutdownW
RegNotifyChangeKeyValue
CryptVerifySignatureA
RegFlushKey
RegReplaceKeyA
CryptEnumProviderTypesW
RegDeleteValueA

user32

VkKeyScanExW
RegisterClassA
DialogBoxParamW
RegisterClassExA
FindWindowExW
EnumWindows
LoadKeyboardLayoutA
DrawFrame
ArrangeIconicWindows

gdi32

GetCurrentObject
LineTo
SetArcDirection
ScaleViewportExtEx
CreateSolidBrush
SetViewportOrgEx
GetWinMetaFileBits
MaskBlt
SetBkColor
SelectPalette
GetTextAlign
GetCharABCWidthsA
GetWorldTransform
PatBlt
CombineRgn
GetMetaFileA
CreatePalette
GetTextFaceW
SelectClipRgn
GetPaletteEntries

comdlg32

FindTextW
ChooseColorA

kernel32

HeapDestroy
WideCharToMultiByte
SetStdHandle
GetSystemTimeAsFileTime
GetCurrentThread
HeapCreate
HeapSize
GetModuleHandleA
IsValidCodePage
GetStartupInfoA
InitializeCriticalSection
FlushFileBuffers
VirtualFree
FreeEnvironmentStringsA
GetFileType
VirtualAlloc
SetHandleCount
GetLocaleInfoW
GetCurrentProcess
MultiByteToWideChar
CreateProcessA
VirtualQuery
HeapFree
TlsSetValue
GetSystemInfo
GetACP
HeapReAlloc
TlsGetValue
TlsFree
InterlockedDecrement
GetStringTypeA
GetUserDefaultLCID
LCMapStringA
InterlockedExchange
GetModuleFileNameA
GetDateFormatA
WriteFile
TlsAlloc
GetStdHandle
LeaveCriticalSection
GetTickCount
EnumSystemLocalesA
LoadLibraryA
GetLocaleInfoA
OpenMutexA
GetCommandLineA
CompareStringW
CompareStringA
SetEnvironmentVariableA
SetLastError
LCMapStringW
GetTimeZoneInformation
RtlUnwind
EnterCriticalSection
EnumSystemCodePagesA
GetLastError
GetCurrentThreadId
DeleteCriticalSection
IsValidLocale
GetTimeFormatA
UnhandledExceptionFilter
GetEnvironmentStringsW
GetCPInfo
TerminateProcess
QueryPerformanceCounter
GetStringTypeW
CloseHandle
GetProcAddress
IsBadWritePtr
VirtualProtect
LockResource
GetEnvironmentStrings
ReadFile
GetOEMCP
GetVersionExA
FreeEnvironmentStringsW
ExitProcess
SetFilePointer
HeapAlloc
GetCurrentProcessId
SetConsoleCtrlHandler
CreateMutexA

wininet

DeleteUrlCacheContainerA
FindFirstUrlCacheEntryA
GopherOpenFileW
InternetConfirmZoneCrossingW
InternetGetCookieA

comctl32

InitCommonControlsEx

Sections

.text
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 356KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b8cf36ef4b3b163474d6ec54187e47c

Headers

File Characteristics

Imports

advapi32

user32

gdi32

comdlg32

kernel32

wininet

comctl32

Sections

.text Size: 148KB - Virtual size: 147KB

.rdata Size: 8KB - Virtual size: 14KB

.data Size: 356KB - Virtual size: 356KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 148KB - Virtual size: 147KB

.rdata
Size: 8KB - Virtual size: 14KB

.data
Size: 356KB - Virtual size: 356KB

.rsrc
Size: 12KB - Virtual size: 12KB