b4444b41ed5a1dbce1ead58f4f91f786db7c30484fdd8146aedab8f09f37a381

Sharing

Copy URL Twitter E-mail

General

Target

b4444b41ed5a1dbce1ead58f4f91f786db7c30484fdd8146aedab8f09f37a381
Size

208KB
MD5

4bc02e5234ba0af4d6fe96d72882e7f3
SHA1

2ce9e1f7c1436b020e76cc51df6b778625e24b65
SHA256

b4444b41ed5a1dbce1ead58f4f91f786db7c30484fdd8146aedab8f09f37a381
SHA512

d0f16445caef754c4c3afc932d699e4d0294db1df48720302509b5bc54ba70ec6dae486639a7f2d38cde1d058b47c60fe98164970028a1763576b4c407e0d4ca
SSDEEP

3072:2dJYzF5p4zt3XkMwR1DOPrnhovymcKAmlG33j2qYw7xrd0XDrCXKud86i:2dJoGdQyjh2ygG3z2qYqVd0z26c

Score

N/A

Malware Config

Signatures

Files

b4444b41ed5a1dbce1ead58f4f91f786db7c30484fdd8146aedab8f09f37a381
.exe windows x86

a94a6c8edafae8e7075e00877a82ab47

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenEventA
IsDebuggerPresent
FatalAppExitW
lstrcpy
WaitForMultipleObjects
OpenMutexA
GetDateFormatA
GetProcAddress
GetModuleHandleA
GetShortPathNameW
GetDiskFreeSpaceW

user32

InsertMenuW
EnumDesktopsW
GetWindowRect
MessageBoxIndirectW
ClientToScreen
wsprintfW
UpdateWindow
GetClassInfoA
GetMenuItemRect
GetClassInfoW
IsIconic
RegisterWindowMessageA
CheckMenuRadioItem
GetSysColor
GetCursorPos
wsprintfA
IsDlgButtonChecked
UpdateLayeredWindow
GetCapture
SetCapture
GetKeyState
EnumChildWindows
IsWindow
SendDlgItemMessageW
ArrangeIconicWindows
SetWindowTextW
ShowCursor
RegisterClassA
CharPrevA
EnumDesktopWindows
CreateWindowExA
DefWindowProcW
GetDC
LoadIconA
MonitorFromPoint
UpdateWindow
CheckDlgButton
CallWindowProcA
DefWindowProcA
wvsprintfW
CreateWindowExA
SetWindowLongW
CallWindowProcW
MessageBoxW
GetCaretPos
ShowWindow
GetKeyboardLayout

gdi32

CreateScalableFontResourceW
CreateICW
GetTextColor
ExtCreateRegion
GetEnhMetaFilePaletteEntries
PolyBezierTo
DrawEscape
BeginPath
GetBitmapBits
AddFontResourceA
GetClipRgn
ArcTo

advapi32

RegOpenKeyExW
RegEnumValueW
RegQueryValueA
RegOpenKeyExA
RegOpenKeyA
RegFlushKey
RegCreateKeyExW

shlwapi

PathIsRelativeW
PathRelativePathToW
SHIsLowMemoryMachine
StrFormatByteSizeW
SHRegSetUSValueW
SHRegGetUSValueW
StrCmpIW
PathIsUNCServerShareA
PathIsSameRootW
PathIsUNCA
StrRetToBufA
SHDeleteOrphanKeyW
PathMatchSpecW
SHQueryValueExW
PathRemoveBlanksW

comctl32

CreateToolbarEx
FlatSB_SetScrollRange
ShowHideMenuCtl
CreateStatusWindowW
DestroyPropertySheetPage
ImageList_Destroy
MenuHelp
ImageList_GetIcon

Sections

.mHBr
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.XLPcml
Size: 2KB - Virtual size: 449KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.GRc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.c
Size: 4KB - Virtual size: 489KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.uf
Size: 3KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 790B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a94a6c8edafae8e7075e00877a82ab47

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

comctl32

Sections

.mHBr Size: 12KB - Virtual size: 12KB

.XLPcml Size: 2KB - Virtual size: 449KB

.GRc Size: 3KB - Virtual size: 4KB

.c Size: 4KB - Virtual size: 489KB

.data Size: 138KB - Virtual size: 142KB

.uf Size: 3KB - Virtual size: 354KB

.rsrc Size: 42KB - Virtual size: 42KB

.reloc Size: 1024B - Virtual size: 790B

.mHBr
Size: 12KB - Virtual size: 12KB

.XLPcml
Size: 2KB - Virtual size: 449KB

.GRc
Size: 3KB - Virtual size: 4KB

.c
Size: 4KB - Virtual size: 489KB

.data
Size: 138KB - Virtual size: 142KB

.uf
Size: 3KB - Virtual size: 354KB

.rsrc
Size: 42KB - Virtual size: 42KB

.reloc
Size: 1024B - Virtual size: 790B