e42c4083e4b94fc90d5f4bf735259e3c50d8f76c5186f8f782c048c620b81c56

Sharing

Copy URL Twitter E-mail

General

Target

e42c4083e4b94fc90d5f4bf735259e3c50d8f76c5186f8f782c048c620b81c56
Size

173KB
MD5

43e110eb6de56e3fd9fc62c14283fa4e
SHA1

cd829c6d50c35ac7beb8bd563f4f51a632183c81
SHA256

e42c4083e4b94fc90d5f4bf735259e3c50d8f76c5186f8f782c048c620b81c56
SHA512

21dd34541b324877999015df1ac8d6799a307279c081945279d034f3c854bfaf89b32c7bd5f7e0da38f4c97e65c6fb4a08bf4757cd2547d914b60c879144f7e4
SSDEEP

3072:9jmN590hDQMvgStiLBqRHyVOjERWbgzMCi2e/gB/GgnayFjFC2JQ:xSYWMIStT42MM32FdbC2+

Score

N/A

Malware Config

Signatures

Files

e42c4083e4b94fc90d5f4bf735259e3c50d8f76c5186f8f782c048c620b81c56
.exe windows x86

40a7ca36b2525bf33fdb4d0908c68411

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

calloc
_onexit
_lock
__dllonexit
_unlock
_amsg_exit
_initterm
_XcptFilter
_callnewh
malloc
_CxxThrowException
free
__CxxFrameHandler
_aligned_free
ftell
fseek
fwrite
fread
feof
_aligned_malloc
memcpy
_purecall
memset
printf
strstr
rand
_vsnwprintf
fclose
fopen

advapi32

RegSetValueExW
RegCreateKeyExW
RegCloseKey

kernel32

GetModuleFileNameW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlUnwind
InterlockedCompareExchange
Sleep
InterlockedExchange
ReadFile
GetTempPathW
GetTempFileNameW
CreateFileA
SetFilePointer
GetLastError
WriteFile
CloseHandle
InterlockedExchangeAdd
InterlockedIncrement
InterlockedDecrement
IsProcessorFeaturePresent
VirtualAllocEx
GetCurrentDirectoryA
lstrlenA

ole32

CoCreateInstance
StringFromIID
CoTaskMemFree
CoTaskMemAlloc

shell32

SHChangeNotify

msls31

LsSetDoc
LssbGetDupSubline
LsDestroyLine
LsGetReverseLsimethods
LsdnFinishDeleteAll
LsSetExpansion

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 146KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 6KB - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40a7ca36b2525bf33fdb4d0908c68411

Headers

File Characteristics

Imports

msvcrt

advapi32

kernel32

ole32

shell32

msls31

Sections

.text Size: 14KB - Virtual size: 13KB

.data Size: 146KB - Virtual size: 297KB

.bss Size: 6KB - Virtual size: 488KB

.rdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 13KB

.data
Size: 146KB - Virtual size: 297KB

.bss
Size: 6KB - Virtual size: 488KB

.rdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB