04d190464e3634545d8d659fc68adf2347d620c6c8b48eec0570e5da83a6a4cc

Sharing

Copy URL

Twitter E-mail

General

Target

04d190464e3634545d8d659fc68adf2347d620c6c8b48eec0570e5da83a6a4cc
Size

588KB
MD5

1737dfccee856cf4a6159975137e9d03
SHA1

c72702a852b29960544126f2e1431807d82ce020
SHA256

04d190464e3634545d8d659fc68adf2347d620c6c8b48eec0570e5da83a6a4cc
SHA512

19eef64a748d214b61ca210452b65c4671395d94f95cb7529c7dd64795a7331b42ccd82fd781454189203fe33f7038764e3bd043bb6c359974eac3c932d5a73c
SSDEEP

6144:FatPSOmKTeem8SIlh7pub2QM0p9Vw1zsWAmgSv81/i5q4qYrniAKGPx9tk7F1jRg:FapSDslL0rwhtVKWniGSVrgDs

Score

N/A

Malware Config

Signatures

Files

04d190464e3634545d8d659fc68adf2347d620c6c8b48eec0570e5da83a6a4cc
.dll windows x86

a344f674f5231732ad01303cf6713093

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

user32

wsprintfA
WindowFromPoint
WindowFromDC
UnloadKeyboardLayout
UnhookWindowsHookEx
SetWindowsHookExA
SetTimer
ReplyMessage
ReleaseDC
RegisterClassA
RedrawWindow
PeekMessageA
MessageBoxA
KillTimer
IsIconic
IntersectRect
GetSystemMetrics
GetParent
GetMenu
GetDC
GetClientRect
FrameRect
EqualRect
DestroyWindow
DdeAccessData
CreateWindowExA
CloseWindowStation
ClientToScreen
CheckDlgButton
BeginPaint
AdjustWindowRectEx

gdi32

SelectObject
PolyPolyline
PlayMetaFile
GetTextCharset
GetPixelFormat
GetObjectType
GetDeviceCaps
GetCurrentObject
DeleteObject
DeleteDC
CreateDIBSection
BitBlt

kernel32

TerminateProcess
SetStdHandle
SetNamedPipeHandleState
SetLastError
SetHandleCount
SetFilePointer
SetEnvironmentVariableA
TlsAlloc
SetCommState
RtlUnwind
ReleaseMutex
ReadFile
RaiseException
QueryPerformanceCounter
MultiByteToWideChar
LocalAlloc
LeaveCriticalSection
LCMapStringW
LCMapStringA
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VerSetConditionMask
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
SetEndOfFile
BackupWrite
CloseHandle
CompareStringA
CompareStringW
CreateMutexA
DebugActiveProcess
EnumSystemLocalesA
ExitProcess
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetEnvironmentStringsW
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcessPriorityBoost
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetUserDefaultLCID
GlobalAlloc
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedExchange
InterlockedIncrement
IsBadReadPtr
IsBadWritePtr
IsValidCodePage
IsValidLocale

Exports

Exports

GetImporter
Module_AddObject
Number_CoerceEx
SetItem
get_iCCP
permit_mng_features

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 349KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a344f674f5231732ad01303cf6713093

Headers

File Characteristics

Imports

advapi32

user32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 106KB - Virtual size: 106KB

.rdata Size: 349KB - Virtual size: 348KB

.data Size: 107KB - Virtual size: 107KB

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 106KB - Virtual size: 106KB

.rdata
Size: 349KB - Virtual size: 348KB

.data
Size: 107KB - Virtual size: 107KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 6KB - Virtual size: 5KB