af4621c625afb68024f61600f975d63af187fe09452ba443267548caa46a4694

Sharing

Copy URL Twitter E-mail

General

Target

af4621c625afb68024f61600f975d63af187fe09452ba443267548caa46a4694
Size

190KB
MD5

a4d6d2385e7d7277190bd98a569e1d35
SHA1

c0646ca1df70084e73f3ffc5e501448143e679af
SHA256

af4621c625afb68024f61600f975d63af187fe09452ba443267548caa46a4694
SHA512

cd894209ad7e43ef3efa0b5e2b0d6ba00405efe0fb835e04f28061b73919beb002893245ece7755c44b842766aef318dfe9fe60045b6eb4422bcbc5400fc3191
SSDEEP

3072:m+15dD4mUQeL3N2aZ7Bw1tkjBtVFSxbB768Mxbmf0jNZv8VIbfh9moXtW:83oU7BwPkTVF4ACfqNuVgKoXo

Score

N/A

Malware Config

Signatures

Files

af4621c625afb68024f61600f975d63af187fe09452ba443267548caa46a4694
.exe windows x86

c9df27ad32268ee068534d2cac720ffd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetUserDefaultLCID
GetWindowsDirectoryW
CompareStringW
CompareStringA
LoadLibraryExA
GetModuleFileNameA
MultiByteToWideChar
lstrlenA
TlsAlloc
TlsGetValue
TlsSetValue
RtlUnwind
GetCommandLineA
GetVersion
HeapFree
TlsFree
HeapAlloc
SetLastError
GetLastError
LCMapStringA
LCMapStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
SetHandleCount
GetCurrentThreadId
InterlockedDecrement
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetLocaleInfoA
GetStringTypeA
InterlockedIncrement
GetProcAddress
LoadLibraryA
FlushFileBuffers
GetLocaleInfoW
CloseHandle
SetStdHandle
SetFilePointer
WideCharToMultiByte
GetStdHandle
GetFileType
GetStringTypeW
VirtualAllocEx
GetProcessHeap
LocalAlloc

user32

SendMessageA
LoadStringA
SendMessageW
LoadStringW
GetWindowLongA

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CoCreateGuid
StringFromGUID2

tapi32

tapiRequestMakeCallW
lineGetIconA
lineGetTranslateCapsA
linePickupA
phoneGetRing
lineGetDevConfigA
phoneSetButtonInfoW
lineConfigDialogA
lineAddProviderA
lineMonitorTones
lineGetAppPriority
lineConfigDialogW
lineBlindTransfer
lineGatherDigitsA
phoneConfigDialogA
lineGetTranslateCaps
phoneGetGain
lineSetTollListW
lineSetAppPriorityA
lineShutdown
lineCreateAgentW
lineGetGroupListW

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 20KB - Virtual size: 847KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 535KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9df27ad32268ee068534d2cac720ffd

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

tapi32

Sections

.text Size: 16KB - Virtual size: 15KB

.bss Size: 20KB - Virtual size: 847KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 144KB - Virtual size: 535KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 16KB - Virtual size: 15KB

.bss
Size: 20KB - Virtual size: 847KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 144KB - Virtual size: 535KB

.rsrc
Size: 2KB - Virtual size: 2KB