4cd8605cbdffc4d8051f458c9e63622a9f6d713686c0e0b0b7dd1a40bf16b37a

Sharing

Copy URL Twitter E-mail

General

Target

4cd8605cbdffc4d8051f458c9e63622a9f6d713686c0e0b0b7dd1a40bf16b37a
Size

182KB
MD5

358fae99172fc981e3bf7cc604febd38
SHA1

6b00adb5b4a6ab7f9b413976e205942ad92b482d
SHA256

4cd8605cbdffc4d8051f458c9e63622a9f6d713686c0e0b0b7dd1a40bf16b37a
SHA512

8c17ac0c41bf9d8f590ec18109dea4fd73044d332ed855f041aa8621f2e3a25bb13bf42770f0d0a059f35b0e4aaa30e249b1f8a37d80dab582e447022b61a082
SSDEEP

3072:hssN3TP+X+7nu2Fp6BcS090iCFk1VkO3N2tpwkgyQPv5SBAvPjiGrUCa5:hssoXWnu2HZT3CwN2fwt5PvtvuGrU

Score

N/A

Malware Config

Signatures

Files

4cd8605cbdffc4d8051f458c9e63622a9f6d713686c0e0b0b7dd1a40bf16b37a
.exe windows x86

915639af685847c60a525ee288d06b02

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathGetDriveNumberA
PathStripToRootW
PathFindFileNameW
PathFindExtensionW
PathSkipRootA
StrCSpnA
PathFindExtensionA
StrStrIW
PathSkipRootW
StrStrW
PathRemoveBlanksW
PathStripPathA
StrStrA
PathRemoveExtensionA
PathStripPathW

mtxlegih

TryLegInterfaceFirst

msls31

LsdnSubmitSublines
LsdnFinishBySubline
LsFindPrevBreakSubline
LsExpandSubline
LsAppendRunToCurrentSubline

cmdial32

CmCustomHangUp
CmReConnect
_AutoDialFunc@16
RasCustomDialDlg
RasCustomHangUp

query

CITextToFullTreeEx
DoneCIPerformanceData
DllGetClassObject
InitializeCIPerformanceData
BeginCacheTransaction

user32

GetWindowTextW
FindWindowW
GetClientRect
FindWindowA
GetWindowTextA
GetWindowRect

perfctrs

CloseIPXPerformanceData
CloseNWNBPerformanceData
CollectIPXPerformanceData
OpenDhcpPerformanceData
CollectNbfPerformanceData

kernel32

lstrcmpA
GetConsoleTitleA
CloseHandle
GetCommandLineA
ExitProcess
GetStartupInfoW
ReadFile
CreateFileA
GetSystemTime
GetConsoleWindow
GetFileAttributesA
GetCompressedFileSizeW
GetConsoleTitleW
GetVersion
GetCurrentThread
GetCompressedFileSizeA
lstrlenW
GetCurrentProcess
GetCurrentProcessId
GetFileAttributesW
CopyFileA
VirtualAlloc
lstrcmpW
GetCommandLineW

dbnmpntw

ConnectionServerEnum
ConnectionWrite
ConnectionClose
ConnectionTransact
ConnectionStatus

msvcrt

ungetc
free
malloc
_mbscmp
__p___initenv

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

915639af685847c60a525ee288d06b02

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

mtxlegih

msls31

cmdial32

query

user32

perfctrs

kernel32

dbnmpntw

msvcrt

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 159KB - Virtual size: 159KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 159KB - Virtual size: 159KB

.reloc
Size: 2KB - Virtual size: 1KB