4ceed4487fa4961dae6ceea01477092c63738c2526ecfd371b24d7e7056d3b6b

Sharing

Copy URL Twitter E-mail

General

Target

4ceed4487fa4961dae6ceea01477092c63738c2526ecfd371b24d7e7056d3b6b
Size

340KB
MD5

16b9f787073a21756c7117138577ef2f
SHA1

3ae464d5ec77eb4e334777543c1a46b984c25723
SHA256

4ceed4487fa4961dae6ceea01477092c63738c2526ecfd371b24d7e7056d3b6b
SHA512

d7a0775ab07041c02af613680a17637e7dd7c284c9c7f97e36e0e0a53b285e0d6d34721179faaa9a22f192779373c3ceb9bca146242901f96b0a484dfcd807d2
SSDEEP

6144:WtyXQa5z/YKj/krYSPTY90jAOuX+YmsV3feUQiyy4cxN2:+yXQad6rYSPs9N3msVP1QDy4cxw

Score

N/A

Malware Config

Signatures

Files

4ceed4487fa4961dae6ceea01477092c63738c2526ecfd371b24d7e7056d3b6b
.exe windows x86

598277b4144c400067b1e4bce507c360

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetWindowsDirectoryA
GetSystemInfo
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetModuleFileNameA
GetTempPathA
GetSystemDirectoryA
WideCharToMultiByte
MultiByteToWideChar
GetLocaleInfoA
ExitProcess
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
GetTimeFormatA
GetFileAttributesA
GetTimeZoneInformation
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
TlsFree
SetLastError
TlsSetValue
TlsGetValue
TlsAlloc
SetUnhandledExceptionFilter
HeapReAlloc
HeapSize
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
FlushFileBuffers
SetFilePointer
VirtualProtect
VirtualQuery
ReadFile
LCMapStringA
LCMapStringW
SetStdHandle
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
TerminateProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
GetUserDefaultLangID
FormatMessageA
GetLastError
LoadLibraryA
FreeLibrary
GetModuleHandleA
GetProcAddress
GetDateFormatA
GetCurrentProcess

user32

MessageBoxA
LoadStringA
FindWindowA
PeekMessageA
DispatchMessageA
TranslateMessage

winspool.drv

GetPrintProcessorDirectoryA
GetPrinterDriverDirectoryA

advapi32

RegOpenKeyA
RegCloseKey
CreateProcessAsUserA
RegOpenKeyExA
RegQueryValueExA
RegConnectRegistryA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoTaskMemFree

Sections

.text
Size: 220KB - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

598277b4144c400067b1e4bce507c360

Headers

File Characteristics

Imports

kernel32

user32

winspool.drv

advapi32

shell32

ole32

Sections

.text Size: 220KB - Virtual size: 219KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 16KB - Virtual size: 33KB

.rsrc Size: 60KB - Virtual size: 60KB

.text
Size: 220KB - Virtual size: 219KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 16KB - Virtual size: 33KB

.rsrc
Size: 60KB - Virtual size: 60KB