c4299fbae1cbbdcee9aa46ac383c4f010648cfde6c8339323afad62b906fb784

Sharing

Copy URL Twitter E-mail

General

Target

c4299fbae1cbbdcee9aa46ac383c4f010648cfde6c8339323afad62b906fb784
Size

220KB
MD5

97a48c86f1cd18facaa35fa3a7b4c6cc
SHA1

1cfc6591590e7c909a8399fe1068ac95136e37e2
SHA256

c4299fbae1cbbdcee9aa46ac383c4f010648cfde6c8339323afad62b906fb784
SHA512

20bd1e1cddf8ee1599f066809eb378d7c6951697776b62e1db5f46d184e3eda8bc18e0b29bc051ef68ead7a947674f4b20163add120fcaa9a0b37f35b5a5b4c7
SSDEEP

3072:l+q2BSuSVhNbRTZIzH19Ta8lWiILPr6sv6wOEN3RaVHtbR7XBkoR4D4HaN+1:l+pgu8vbReH1h1Wdr7axBRDBko05N+

Score

N/A

Malware Config

Signatures

Files

c4299fbae1cbbdcee9aa46ac383c4f010648cfde6c8339323afad62b906fb784
.exe windows x86

52a73cb6b747d19f9ae947825f58b441

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
SetUnhandledExceptionFilter
CompareStringW
FindFirstFileA
WaitForSingleObject
SetErrorMode
GetVersionExW
lstrlenW
GetLocaleInfoA
SetFilePointer
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
LCMapStringW
MultiByteToWideChar
GetProcAddress
IsBadWritePtr
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
InterlockedCompareExchange
InitializeCriticalSection
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
GetVersionExA
GetEnvironmentVariableA
GetCurrentThread
GetLastError
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
LockResource
FreeEnvironmentStringsW
LoadLibraryA
InterlockedExchange
ExitProcess
DeleteCriticalSection
SetEnvironmentVariableA
SetFilePointerEx
DeleteFileW
GetCurrentThreadId
SetStdHandle
SizeofResource
HeapDestroy
LoadLibraryExW
WriteConsoleW
WaitForSingleObjectEx
GetStartupInfoW
Sleep
IsValidCodePage
GetCurrentProcessId
CreateEventW
FormatMessageA
GlobalAlloc
CreateEventA
lstrlenA
CreateFileMappingA
GetSystemInfo
GlobalUnlock
LCMapStringA
GetConsoleOutputCP
FindNextFileW
LeaveCriticalSection
GetExitCodeProcess
GetSystemTimeAsFileTime
GetFileAttributesA
EnterCriticalSection
GetCommandLineW
FindFirstFileW
SetLastError
FindCloseChangeNotification
GetModuleHandleW
GlobalFree
LocalAlloc
GlobalLock
FatalAppExitA
VirtualAllocEx

user32

AdjustWindowRectEx
ShowWindowAsync
SetWindowPos
DestroyWindow
SetActiveWindow
ReleaseCapture
DestroyMenu
DestroyIcon
LoadIconA
InflateRect
SendMessageW
PtInRect
GetMenuStringW
SetCapture
CreateWindowExA
ClientToScreen
ReleaseDC
LoadStringW
GetSubMenu
CheckMenuItem
GetClientRect
UnregisterClassA
GetMenuItemCount
RegisterClassW
SetWindowLongW
OffsetRect
MessageBeep
TrackPopupMenu
CreateWindowExW
DrawFocusRect
GetActiveWindow
AllowSetForegroundWindow
SetWindowTextW
GetCursorPos
PostMessageW
MoveWindow
SetMenuItemInfoA
GetMenu
GetKeyState
DefWindowProcW

ole32

OleUninitialize
OleRegGetUserType
OleRun
OleInitialize
CoRevokeClassObject
CoCreateInstance
CoInitializeSecurity
CoDisconnectObject
ReleaseStgMedium
CoQueryProxyBlanket
CLSIDFromProgID
RevokeDragDrop
StgCreateDocfileOnILockBytes
CoLockObjectExternal
CoGetClassObject
CoRegisterMessageFilter
GetRunningObjectTable
CoTaskMemAlloc
CoFreeUnusedLibraries
CLSIDFromString
CoTaskMemFree
OleFlushClipboard
CoInitialize
CreateBindCtx
CreateStreamOnHGlobal
CoUninitialize
RegisterDragDrop
CreateILockBytesOnHGlobal
StringFromCLSID
CoCreateGuid

advapi32

RegSetValueExW
RegCloseKey
DeregisterEventSource
RegQueryValueExA
RevertToSelf
AllocateAndInitializeSid
RegDeleteKeyA
CryptCreateHash
FreeSid
RegDeleteKeyW
OpenProcessToken
CryptAcquireContextA
RegEnumValueW
EqualSid
CryptGenRandom
OpenServiceW
AddAccessAllowedAce
AdjustTokenPrivileges
CryptHashData
RegCreateKeyExW
GetLengthSid
RegOpenKeyExA
QueryServiceStatus
RegEnumKeyExA
RegOpenKeyExW
LookupPrivilegeValueA
RegQueryValueExW
AddAccessAllowedAceEx
InitializeAcl
RegDeleteValueA
GetTokenInformation
RegEnumValueA
RegCreateKeyExA
OpenThreadToken
SetSecurityDescriptorDacl
RegDeleteValueW
RegSetValueExA
InitializeSecurityDescriptor
RegQueryInfoKeyW
CryptAcquireContextW
RegEnumKeyExW
CryptDestroyHash
CryptReleaseContext
CloseServiceHandle

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

52a73cb6b747d19f9ae947825f58b441

Headers

File Characteristics

Imports

kernel32

user32

ole32

advapi32

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 140KB - Virtual size: 240KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 140KB - Virtual size: 240KB

.rsrc
Size: 12KB - Virtual size: 11KB