42b79bc7e8ace812c6952e087c9babc171398291077b602334b3b970cb0bd6fd

Sharing

Copy URL Twitter E-mail

General

Target

42b79bc7e8ace812c6952e087c9babc171398291077b602334b3b970cb0bd6fd
Size

20KB
MD5

f9d8101439819b208f0829f377198e71
SHA1

d743ed362904393e8c53483bf824a3040e2b9ae8
SHA256

42b79bc7e8ace812c6952e087c9babc171398291077b602334b3b970cb0bd6fd
SHA512

a325c9515c62c6c5717ea00f1bfb7cd813faad2667120d7be5367b005f40eba2938e38146c32af9bd3e29fa5e93dd3099ba0752ab4e14ce9d148555ed81b428a
SSDEEP

384:rKkYxrILlY0xSlKK25T5sEBjsV1xc+02UOm5SagqY/0++bmWC:GzVILl1cQjsx11UNlgqYc+wmWC

Score

N/A

Malware Config

Signatures

Files

42b79bc7e8ace812c6952e087c9babc171398291077b602334b3b970cb0bd6fd
.exe windows x86

4493614fc106e53758b317a3cf69ed66

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
TlsAlloc
GetTempFileNameA
DeleteCriticalSection
GlobalFree
SetStdHandle
SizeofResource
GetFileAttributesW
SetHandleCount
Sleep
InterlockedDecrement
DeleteFileA
GetCommandLineA
VirtualFree
IsBadWritePtr
Sleep
GetProfileIntA
LeaveCriticalSection
SetPriorityClass
LocalFree
CreateProcessW
LockResource
TlsGetValue
FormatMessageA
FindClose
MultiByteToWideChar
GetLogicalDrives
SetUnhandledExceptionFilter
GetStartupInfoW
SetFileTime
IsBadReadPtr
SetFileAttributesW
HeapAlloc
GetStringTypeA
Beep
GetCommandLineW
GlobalAlloc
SearchPathA
IsBadCodePtr

odbcapi3

_Getcvt
_FNan
_FDtest
_Exp
_Hugeval
_Xbig

user32

InvalidateRect
GetWindowThreadProcessId
TranslateMDISysAccel
CopyRect
GetMenuItemCount
SetRect
IsWindow
CreateCaret
GetCursor
RemoveMenu
GetParent
GetWindowTextA
GetMenu
FrameRect
GetCursorPos
DrawIcon
DefFrameProcA
GetKeyboardLayoutList
DestroyIcon
RegisterClassExW
CallWindowProcA
GetMessageTime
ShowCursor
OffsetRect
GetNextDlgTabItem
ChangeDisplaySettingsExA
TranslateMessage
DrawMenuBar
GetFocus
CreateMenu
KillTimer
SetActiveWindow
ShowCaret
RedrawWindow
LoadImageA
SetCaretPos
DefMDIChildProcW
MessageBeep
SetCapture
EndPaint

ntdll

ZwSetEvent
RtlCancelTimer
RtlCompareMemory
NtQueryInformationFile
NtQueryValueKey
NtProtectVirtualMemory
ZwCreateTimer

gdi32

GetOutlineTextMetricsA
GetViewportOrgEx
SaveDC
PlayMetaFileRecord
CreatePatternBrush
SetWindowOrgEx
GetRasterizerCaps
GetNearestColor
GetFontData
GetTextFaceA
SetBkColor
GetPixel
GetWinMetaFileBits
DeleteObject
SelectObject
Ellipse
GetBitmapBits
GetTextAlign
Escape
SetMapMode
BitBlt
SetWindowExtEx
GetSystemPaletteUse
LPtoDP

ole32

OleDuplicateData
OleRegEnumVerbs
OleIsCurrentClipboard
OleQueryLinkFromData
WriteClassStm
OleCreateMenuDescriptor
StringFromGUID2
CoIsOle1Class
StgOpenStorageOnILockBytes
CoGetMalloc
CreateGenericComposite
OleCreateEmbeddingHelper

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 211KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4493614fc106e53758b317a3cf69ed66

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

odbcapi3

user32

ntdll

gdi32

ole32

Sections

.text Size: 16KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 211KB - Virtual size: 212KB

.text
Size: 16KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 211KB - Virtual size: 212KB