4ccf4416a4b237f236cb1df21f922545a82adce0c2ee5c6d600b2e8a74ad8a4d

Sharing

Copy URL Twitter E-mail

General

Target

4ccf4416a4b237f236cb1df21f922545a82adce0c2ee5c6d600b2e8a74ad8a4d
Size

221KB
MD5

35271ff43fb6d13da9e62bbc4b5dcce0
SHA1

73c9571078c47d29ddd336228c235cb819d41327
SHA256

4ccf4416a4b237f236cb1df21f922545a82adce0c2ee5c6d600b2e8a74ad8a4d
SHA512

77b6158c9e7619816a2fc819cb01019516cd80e215a68a6a4f449fd53ee82bfb0ed7d9d98161706bc6a40f523afbd2084b8d90249ada194b263a38af4c10dfa5
SSDEEP

6144:Fauaj128MughBzJo+FELS59ktQIpaBxwJn5IZdw:Raj12vDzJDa89QDpMwJST

Score

N/A

Malware Config

Signatures

Files

4ccf4416a4b237f236cb1df21f922545a82adce0c2ee5c6d600b2e8a74ad8a4d
.exe windows x86

95f51c8b665ceaf6bafa8f9ed85231c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

NdrEncapsulatedUnionMarshall
RpcServerInqDefaultPrincNameW
I_RpcBindingIsClientLocal
I_RpcClearMutex

secur32

SetContextAttributesA
GetComputerObjectNameW
ImpersonateSecurityContext

oleaut32

VarBstrFromDate
VarI8FromUI8
VarUI4FromI2
VarBstrFromUI4
VarR4FromUI4
VarSu

rasapi32

RasRenameEntryA

ole32

OleCreateLinkToFile
CoLockObjectExternal
CoAllowSetForegroundWindow

shell32

SHGetDiskFreeSpaceExA
ord43
ord49

imm32

ImmGetCandidateListCountA
ImmSetStatusWindowPos
ImmSetConversionStatus

glu32

gluProject

opengl32

glGetTexEnviv
glGetTexGenfv
glLightfv

wininet

HttpSendRequestW
InternetCrackUrlA
InternetConnectA
HttpOpenRequestA

shlwapi

PathQuoteSpacesA
PathIsDirectoryW
PathRemoveBlanksA
PathCanonicalizeW
ChrCmpIW

kernel32

GetSystemDefaultLCID
CreateProcessA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
DeleteFileW
lstrlenW
TerminateProcess

comdlg32

ChooseColorW
GetFileTitleW
PrintDlgW
GetOpenFileNameW
ChooseFontW

advapi32

RegSetValueExW
LookupPrivilegeValueW
UninstallApplication
EnumServicesStatusW
AddAuditAccessAce

Exports

Exports

FolkGuyskaifcoshKyarSousDuckdaffSoldaperBiseRareFortMojo
KamiRodsoohsroperealpoutStum
KeirsnyeGateRugaAuntCellgie
SpudchapGridTookOhiaplodmick
TileNeepeyraWiltoi
VailknowSunkFuelShowButtduciRoadudoma
WavyTillKirnHypeTopspainBoatkistNadamallcereeng

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_MEM_READ

.i_m_p
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_MEM_READ

.e_x_p
Size: 1024B - Virtual size: 525B

IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 33B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

95f51c8b665ceaf6bafa8f9ed85231c6

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

secur32

oleaut32

rasapi32

ole32

shell32

imm32

glu32

opengl32

wininet

shlwapi

kernel32

comdlg32

advapi32

Exports

Exports

Sections

.text Size: 83KB - Virtual size: 83KB

.rdata Size: 8KB - Virtual size: 7KB

.i_m_p Size: 60KB - Virtual size: 60KB

.e_x_p Size: 1024B - Virtual size: 525B

.data Size: 53KB - Virtual size: 52KB

.tls Size: 512B - Virtual size: 33B

.CRT Size: 512B - Virtual size: 8B

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 83KB - Virtual size: 83KB

.rdata
Size: 8KB - Virtual size: 7KB

.i_m_p
Size: 60KB - Virtual size: 60KB

.e_x_p
Size: 1024B - Virtual size: 525B

.data
Size: 53KB - Virtual size: 52KB

.tls
Size: 512B - Virtual size: 33B

.CRT
Size: 512B - Virtual size: 8B

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 10KB - Virtual size: 9KB