b4bf40c71f137854d16afe2e541a4031c8b1792ddd6e4c876b5e92976a26e091

Sharing

Copy URL Twitter E-mail

General

Target

b4bf40c71f137854d16afe2e541a4031c8b1792ddd6e4c876b5e92976a26e091
Size

249KB
MD5

b9d717358789696466954f853393dfbf
SHA1

d7a308d9eb775122081a63497094b425e8247669
SHA256

b4bf40c71f137854d16afe2e541a4031c8b1792ddd6e4c876b5e92976a26e091
SHA512

16acfabc4cb4df6ada177e416877dee49935cf2be87c65e1a89a332c0180c98c61564f1099508b3af6203f1f49621c67872bf532c78dee6a662b4fdc5414a5f9
SSDEEP

6144:Uqki4UKpJxhYwqUO1cgcutZd8r/UfIB3gCUzR2e:UrGIYqO1cgftz8r/UOgCNe

Score

N/A

Malware Config

Signatures

Files

b4bf40c71f137854d16afe2e541a4031c8b1792ddd6e4c876b5e92976a26e091
.exe windows x86

1dcda6fdf47f280348ab04658fe71a1a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

WriteClassStm
OleRegEnumVerbs
OleRegGetMiscStatus
CoTaskMemAlloc
CreateOleAdviseHolder
StringFromGUID2
CoTaskMemRealloc
OleLoadFromStream
OleRegGetUserType
CreateDataAdviseHolder
OleSaveToStream
CoCreateInstance
CoTaskMemFree

kernel32

GetACP
lstrcmpA
GetTempFileNameW
CreateDirectoryW
WritePrivateProfileStringA
HeapReAlloc
TlsAlloc
TlsGetValue
FlushInstructionCache
TerminateThread
RaiseException
TlsSetValue
SetUnhandledExceptionFilter
GetLocalTime
MulDiv
FreeEnvironmentStringsW
ReleaseMutex
CreateMutexA
GetCommandLineA
OutputDebugStringA
RtlUnwind
ReadFile
lstrcpyA
SetLastError
lstrcatA
WaitForSingleObjectEx
IsProcessorFeaturePresent
SetFileAttributesA
HeapAlloc
GlobalUnlock
CreateThread
GetTempPathW
lstrlenA
SetStdHandle
VirtualQuery
GetTempPathA
GetSystemInfo
WriteConsoleA
CreateFileA
GetFileType
GetCurrentThreadId
LeaveCriticalSection
FindResourceA
VirtualAlloc
WriteConsoleW
DeleteFileA
WaitForSingleObject
TlsFree
SetHandleCount
HeapFree
GetConsoleCP
DeleteFileW
VirtualFree
GetModuleHandleA
GetStdHandle
IsDBCSLeadByte
LoadLibraryExA
GetThreadLocale
GetOEMCP
FindFirstFileA
GetProcessHeap
LCMapStringA
CreateEventA
GetConsoleOutputCP
SizeofResource
GlobalAlloc
FindNextFileA
FreeLibrary
lstrcmpiA
EnterCriticalSection
CreateMutexW
FindClose
WriteFile
FlushFileBuffers
VirtualProtect
UnhandledExceptionFilter
CreateFileW
GetSystemTimeAsFileTime
lstrlenW
HeapSize
SetFilePointer
IsValidCodePage
HeapDestroy
WaitForMultipleObjects
IsDebuggerPresent
WideCharToMultiByte
GlobalLock
LCMapStringW
CloseHandle
LoadResource
FreeEnvironmentStringsA
GetConsoleMode
DeleteCriticalSection
GetModuleHandleW

user32

MessageBoxA
wsprintfA
GetParent
SetWindowRgn
GetForegroundWindow
ShowWindow
SetFocus
GetWindowLongA
IntersectRect
DestroyWindow
SetWindowPos
ReleaseDC
DefWindowProcA
SetWindowLongA
GetDC
CallWindowProcA
EqualRect
UnionRect
LoadCursorA
CharNextA
OffsetRect
GetKeyState
UnregisterClassA
PtInRect
InvalidateRect
GetFocus
IsChild
SetCursor
GetClientRect
IsWindow

oleaut32

UnRegisterTypeLi
VariantCopy
LoadTypeLi
SysStringByteLen
SysStringLen
DispCallFunc
VariantChangeType
VariantInit
SysAllocString
VarUI4FromStr
SysAllocStringByteLen
OleCreatePropertyFrame
LoadRegTypeLi
VariantClear
SysFreeString
RegisterTypeLi

advapi32

RegQueryValueExA
RegEnumKeyExA
RegCloseKey
RegQueryValueExW
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryInfoKeyA
RegOpenKeyA
RegOpenKeyExW
RegOpenKeyExA
RegOpenCurrentUser

gdi32

CloseMetaFile
RestoreDC
SetTextAlign
LPtoDP
SetWindowOrgEx
SetViewportOrgEx
SetMapMode
DeleteDC
GetDeviceCaps
CreateRectRgnIndirect
CreateDCA
DeleteMetaFile
SaveDC
SetWindowExtEx
TextOutA
CreateMetaFileA

cmutil

CmMalloc
CmAtolW
CmStrCatAllocW
CmFree
CmStrchrA
CmLoadStringW

winipsec

EnumMMPolicies
SetMMFilter
EnumTransportFilters
GetMMPolicyByID

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tSLff
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.noymeR
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ByQGDt
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zCwd
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.BMgq
Size: 1024B - Virtual size: 903B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MgSzJ
Size: 1024B - Virtual size: 1018B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 212KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MvyCbs
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wAkcmH
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1dcda6fdf47f280348ab04658fe71a1a

Headers

File Characteristics

Imports

ole32

kernel32

user32

oleaut32

advapi32

gdi32

cmutil

winipsec

Sections

.text Size: 18KB - Virtual size: 17KB

.tSLff Size: 1KB - Virtual size: 1KB

.noymeR Size: 512B - Virtual size: 348B

.ByQGDt Size: 2KB - Virtual size: 1KB

.zCwd Size: 2KB - Virtual size: 1KB

.BMgq Size: 1024B - Virtual size: 903B

.rdata Size: 5KB - Virtual size: 4KB

.MgSzJ Size: 1024B - Virtual size: 1018B

.data Size: 212KB - Virtual size: 262KB

.rsrc Size: 2KB - Virtual size: 1KB

.MvyCbs Size: 512B - Virtual size: 392B

.wAkcmH Size: 2KB - Virtual size: 1KB

.text
Size: 18KB - Virtual size: 17KB

.tSLff
Size: 1KB - Virtual size: 1KB

.noymeR
Size: 512B - Virtual size: 348B

.ByQGDt
Size: 2KB - Virtual size: 1KB

.zCwd
Size: 2KB - Virtual size: 1KB

.BMgq
Size: 1024B - Virtual size: 903B

.rdata
Size: 5KB - Virtual size: 4KB

.MgSzJ
Size: 1024B - Virtual size: 1018B

.data
Size: 212KB - Virtual size: 262KB

.rsrc
Size: 2KB - Virtual size: 1KB

.MvyCbs
Size: 512B - Virtual size: 392B

.wAkcmH
Size: 2KB - Virtual size: 1KB