4430c8f2229f395e0763c789cbf44166ca1682a3c3fcc3125dc7faccbee29d99

Sharing

Copy URL Twitter E-mail

General

Target

4430c8f2229f395e0763c789cbf44166ca1682a3c3fcc3125dc7faccbee29d99
Size

730KB
MD5

8503064b472d04728054aa5643486970
SHA1

abfc1cb5adf685182e11399b26cf4bdfc79409a1
SHA256

4430c8f2229f395e0763c789cbf44166ca1682a3c3fcc3125dc7faccbee29d99
SHA512

558ab5735ee2b0958971483e8d50192fd7716d26d3834a781825aa9c79d8390f47a8814b2d3564b5d32ee5a7bc1593cb207145ad47cd31afbe0c6e606dc7d26e
SSDEEP

12288:9kL3LoCCwXSzg0a45aUY5de0he8qQzl4cn+QcWtWqLa/ZKiZwG8mtIkq+8y8Y4Wv:MxSE0a4diy8RZ+QptWQgwG88o+8L8h71

Score

N/A

Malware Config

Signatures

Files

4430c8f2229f395e0763c789cbf44166ca1682a3c3fcc3125dc7faccbee29d99
.exe windows x86

901539c6dd58b373c2af645b8cf1c54f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA

oleaut32

SysAllocString
SysFreeString

gdi32

BitBlt
GetDeviceCaps
CreateSolidBrush
SelectObject
GetStockObject
DeleteDC

kernel32

GetStdHandle
GetConsoleOutputCP
GetLastError
GetModuleHandleA
GetCurrentProcessId
GetCommandLineA
GetCurrentThreadId
GetTickCount
GetCurrentThread
GetVersion
ExitProcess
VirtualAlloc
Sleep
CreateProcessW
HeapCreate
SizeofResource
SetStdHandle
GetACP
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
HeapSize
GetCurrentDirectoryA
lstrlenW
GetEnvironmentStrings
VirtualFree
RemoveDirectoryA
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
FindResourceW
GlobalFree
lstrlenA
GetSystemInfo
LCMapStringW
LoadLibraryExW
LeaveCriticalSection
CreateFileA
TlsSetValue
GetFileType
CreateEventA
GetTimeZoneInformation
FindNextFileA
ResetEvent
FindFirstFileA
GetProcessHeap
GetProcAddress
DeleteFileW
GetCPInfo
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
VirtualProtect
TlsAlloc
QueryPerformanceCounter
FreeLibrary
EnterCriticalSection
HeapFree
WriteConsoleW
SetCurrentDirectoryA
SetEndOfFile
GlobalAlloc
TerminateProcess
SetUnhandledExceptionFilter
CreateThread
MultiByteToWideChar
UnhandledExceptionFilter
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
TlsGetValue
SetLastError
InterlockedDecrement
FindClose
InitializeCriticalSection
LocalFree
GetOEMCP
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetStringTypeA
WideCharToMultiByte
GetTempPathA
FreeEnvironmentStringsW
SetErrorMode
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetCurrentProcess
DeleteCriticalSection
HeapDestroy
FindFirstFileW
WaitForSingleObject
GetFileAttributesA
ReleaseMutex

user32

GetClientRect
wsprintfA
InvalidateRect
GetKeyState
GetSysColor
MessageBoxA
GetDesktopWindow
SendMessageA
LoadIconA
ScreenToClient
GetDlgItem
CreateWindowExA
EndDialog
SetWindowLongA
GetSystemMetrics
BeginPaint
MapWindowPoints
FillRect
SetTimer
GetSubMenu
LoadStringA
GetWindow
IsWindowEnabled
PeekMessageA
EnableWindow
ShowWindow
UpdateWindow
GetParent
ReleaseDC
GetCursorPos
IsWindow
SetWindowPos
PostQuitMessage
SetForegroundWindow

Sections

.text
Size: 692KB - Virtual size: 1018KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

901539c6dd58b373c2af645b8cf1c54f

Headers

File Characteristics

Imports

advapi32

oleaut32

gdi32

kernel32

user32

Sections

.text Size: 692KB - Virtual size: 1018KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 11KB - Virtual size: 11KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 692KB - Virtual size: 1018KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 11KB - Virtual size: 11KB

.rsrc
Size: 18KB - Virtual size: 18KB