fe1e4cdff548106ff7541f4dd6cc6eb43a9991df7fcc14a2c6f22e049cea9b97

Sharing

Copy URL Twitter E-mail

General

Target

fe1e4cdff548106ff7541f4dd6cc6eb43a9991df7fcc14a2c6f22e049cea9b97
Size

255KB
MD5

9ecad5cdfffbd0257b62a334e178faad
SHA1

960002b30940a88a750ace39d161dfc920234c68
SHA256

fe1e4cdff548106ff7541f4dd6cc6eb43a9991df7fcc14a2c6f22e049cea9b97
SHA512

4d7e72caee7f87134c4bf88bcd04252aff55b7ddca58874ee2527f966105dbc86b244517f04e3f49d092359825e84cd6115e8d8aab0d88f7316eb004bb4f9918
SSDEEP

6144:XPeW+BBY8gk/MAMurpOulwrqtSKQeXyqWYWw0bPYwRSaD9jN:Xx+1UFu9OulUSbH2CqPYwRSCjN

Score

N/A

Malware Config

Signatures

Files

fe1e4cdff548106ff7541f4dd6cc6eb43a9991df7fcc14a2c6f22e049cea9b97
.exe windows x86

4e4629ac5a377571caa775b8a0be86f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindExtensionA

kernel32

lstrcmpiA
FormatMessageA
LeaveCriticalSection
lstrcpyA
HeapReAlloc
RaiseException
HeapSize
IsDBCSLeadByte
HeapAlloc
GetThreadLocale
LocalFree
FindResourceExA
DeleteCriticalSection
RemoveDirectoryA
GetACP
GetSystemTimeAsFileTime
WideCharToMultiByte
lstrcpynA
GetModuleHandleA
lstrlenA
GetCurrentThreadId
GetProcessHeap
SizeofResource
EnterCriticalSection
FindResourceA
lstrcatA
LoadResource
DeleteFileA
lstrlenW
HeapFree
LockResource
HeapDestroy
VirtualAllocEx

user32

CharNextA

advapi32

RegSetValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegEnumKeyExA
RegQueryValueExA
RegDeleteKeyA

oleaut32

UnRegisterTypeLi
SysAllocString
RegisterTypeLi
LoadRegTypeLi
VarUI4FromStr
VariantClear
SysFreeString
VariantChangeType
LoadTypeLi
VariantInit
SysStringLen
SysAllocStringLen

shell32

SHGetFileInfoA

ole32

CoTaskMemFree
CoCreateInstance
StringFromGUID2
StringFromCLSID

rtm

RtmCloseEnumerationHandle
RtmGetNextHopInfo
RtmGetInstanceInfo
RtmReadInstanceConfig
RtmIgnoreChangedDests
RtmReleaseDestInfo
RtmDeleteNextHop
RtmInsertInRouteList
RtmGetNextHopPointer
RtmWriteInstanceConfig
RtmCreateRouteListEnum
RtmDeleteRouteTable
RtmReleaseNextHopInfo

bidispl

DllUnregisterServer
DllRegisterServer
DllGetClassObject

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 223KB - Virtual size: 588KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e4629ac5a377571caa775b8a0be86f2

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

advapi32

oleaut32

shell32

ole32

rtm

bidispl

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 223KB - Virtual size: 588KB

.rsrc Size: 4KB - Virtual size: 8KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 223KB - Virtual size: 588KB

.rsrc
Size: 4KB - Virtual size: 8KB