4c9086cdb2152f9fd3c018926e47d18a0ad91c012110315d5ca012be76ebca49

General

Target

4c9086cdb2152f9fd3c018926e47d18a0ad91c012110315d5ca012be76ebca49
Size

18.9MB
MD5

cb4a17703387673b0893265714dac6c6
SHA1

a3687b1c8b35da98d2ec90cef5af0efad44b9285
SHA256

4c9086cdb2152f9fd3c018926e47d18a0ad91c012110315d5ca012be76ebca49
SHA512

6d6fab102c44ab0426b90d30acf501530b55965702d7559ce4cb8c9d1825df48d1a5962d1ed3e9e81fd600adf0c715666f6e44b555f7680a94365ffcd52d13f9
SSDEEP

393216:6xOm7/bnkP64KjUNmPALpZ2bn7mmzzWhLxX52/YepT3aCzcH:mH7DkPWjCGAto7DzzWjX5MYepTVa

Score

N/A

Malware Config

Signatures

Files

4c9086cdb2152f9fd3c018926e47d18a0ad91c012110315d5ca012be76ebca49
.exe windows x86

3d1ad404fff5aced37848e93788ba257

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CheckDlgButton
SetForegroundWindow
DestroyMenu
DefWindowProcW
PtInRect
TranslateMessage
PostQuitMessage
SetFocus
IsWindowVisible
BeginPaint
GetCursorPos
SetCursor
IsWindow
UnregisterClassA
GetSubMenu
GetFocus
GetWindowTextW
RegisterClassW
GetActiveWindow
MoveWindow
DestroyWindow

kernel32

lstrcmpiW
DeleteCriticalSection
GlobalFree
SetFilePointer
InterlockedExchange
RtlUnwind
SetUnhandledExceptionFilter
IsDebuggerPresent
ResetEvent
FormatMessageW
GetEnvironmentStrings
SetEvent
CreateEventW
GetFileType
Sleep
GetCommandLineW
HeapCreate
VirtualQueryEx
OpenEventA
_llseek

gdi32

CreatePalette
CreateSolidBrush
GetTextExtentPoint32W
CreateRectRgn
SetROP2
SaveDC

advapi32

LookupPrivilegeValueW
ImpersonateLoggedOnUser
AddAccessAllowedAce
RegQueryInfoKeyA
RegEnumValueA
RegisterEventSourceW
GetSecurityDescriptorLength
ChangeServiceConfigW
CloseServiceHandle
CryptSetKeyParam
CryptExportKey

Sections

.cod
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdat
Size: 67KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d1ad404fff5aced37848e93788ba257

Headers

File Characteristics

Imports

user32

kernel32

gdi32

advapi32

Sections

.cod Size: 4.0MB - Virtual size: 4.0MB

.rdat Size: 67KB - Virtual size: 71KB

.tls Size: 1024B - Virtual size: 2KB

.rsrc Size: 41KB - Virtual size: 41KB

.cod
Size: 4.0MB - Virtual size: 4.0MB

.rdat
Size: 67KB - Virtual size: 71KB

.tls
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 41KB - Virtual size: 41KB