c4ac6c520dae958e247ecd80e873482932d14ea8afa016b60cc5271fd2fa4bc1

Sharing

Copy URL

Twitter E-mail

General

Target

c4ac6c520dae958e247ecd80e873482932d14ea8afa016b60cc5271fd2fa4bc1
Size

230KB
MD5

033ed41c1d952f68be3ed7adb05a2793
SHA1

915637ea905ae88acbaa833cdb58f280e5140c54
SHA256

c4ac6c520dae958e247ecd80e873482932d14ea8afa016b60cc5271fd2fa4bc1
SHA512

8015f4008c86554bf13a33fcde32d03e34acc3993ff8411ca7799a295697cc19a0fa3bc3f97b7434889d70220a548809ff7f0103b30b1d2d16c839f4a2677ce8
SSDEEP

6144:N3AjS1fCMSTpaXp58v0BDUf2huNQYnnolGwD6j:WjMmDv0iAEQYnM

Score

N/A

Malware Config

Signatures

Files

c4ac6c520dae958e247ecd80e873482932d14ea8afa016b60cc5271fd2fa4bc1
.exe windows x86

531a42396cf453e7bf3e67b09276ab4f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumDateFormatsA
CreateEventA
lstrcpynW
FindResourceW
GetSystemDefaultLangID
MultiByteToWideChar
OpenMutexA
LoadLibraryA
LocalAlloc
GetModuleHandleA
GetTempFileNameW
GetLastError
CreateMailslotW
CreateNamedPipeW
GetProcessHeaps
OpenFile
AddAtomA
GetLogicalDriveStringsW
GetVolumeInformationA
GetShortPathNameW
SetComputerNameA
IsBadStringPtrA
GetLogicalDrives
GetDiskFreeSpaceW
FileTimeToSystemTime
GetCurrentDirectoryW
RaiseException
GetVolumeInformationW
FindAtomA
GetProcAddress
OpenEventA
GetModuleHandleA
RemoveDirectoryW
GetUserDefaultLangID
GetSystemInfo
WaitForSingleObject

user32

GetMenuItemCount
CreatePopupMenu
AppendMenuA
EnumWindows
SetCapture
PostMessageW
GetMenuStringW
RegisterClassExW
WinHelpW
GetMenuItemInfoA
CreateAcceleratorTableW
SendDlgItemMessageW
GetForegroundWindow
EndDialog
LoadBitmapA
EnumWindowStationsW
SetFocus
WaitForInputIdle
ShowWindow
CharNextW
DefWindowProcA
LoadMenuW
GetClassInfoA
GetCapture
GetDlgItemInt
SetDlgItemTextW
MessageBoxIndirectW
GetMenu
SetForegroundWindow
UnregisterClassA
SetTimer
CreateDesktopW
EnableWindow
GetKeyboardLayout
LoadMenuA
CreateDialogParamA
DialogBoxIndirectParamA
AppendMenuW
LoadImageA
CreateWindowExA
GetSysColor
LoadCursorA
GetCursorPos
LoadMenuIndirectA
RemoveMenu
MessageBoxA
GetWindowRgn
CopyIcon
CreateDialogIndirectParamA
ShowCursor
PostMessageA
GetAsyncKeyState
SendDlgItemMessageA
GetClassInfoExW

advapi32

GetUserNameW

shell32

SHGetFolderPathA
StrStrA
ExtractAssociatedIconA
SHGetSpecialFolderLocation

comdlg32

FindTextA
LoadAlterBitmap
GetSaveFileNameW
PrintDlgA
GetOpenFileNameA
FindTextW

winspool.drv

EnumPrinterKeyW
StartDocPrinterW
SplDriverUnloadComplete
SetPrinterDataW
EnumPrinterDataExA
PrinterProperties

inetcomm

EssReceiptDecodeEx
MimeOleCreateVirtualStream
MimeOleCreateSecurity
MimeOleGetCodePageInfo
MimeOleSMimeCapGetEncAlg
MimeOleOpenFileStream
HrGetLastOpenFileDirectoryW
DllCanUnloadNow

oledlg

OleUIChangeIconA
OleUIConvertW
OleUIBusyA
OleUIConvertA
OleUIObjectPropertiesA
OleUIBusyW
OleUIChangeSourceA
OleUIInsertObjectW
OleUIAddVerbMenuW
OleUIUpdateLinksW
OleUIPromptUserA

sqlunirl

_lstrcpy_@8
_OemToCharBuff_@12
_ChangeDisplaySettings_@8
_GetCommandLine_@0
_GetDateFormat_@24
_WaitNamedPipe_@8
_FindWindow_@8
_tsystem
_FindResource@12

wsock32

getservbyport
getsockopt
WSASetBlockingHook
EnumProtocolsA
s_perror
WSAGetLastError
getsockopt
GetNameByTypeA
SetServiceW
WSApSetPostRoutine
WSAStartup
getservbyname

Sections

.W
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Amo
Size: 3KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.FTAoy
Size: 177KB - Virtual size: 303KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vGesnr
Size: 1KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jT
Size: 3KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.URSi
Size: 3KB - Virtual size: 32KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

531a42396cf453e7bf3e67b09276ab4f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

comdlg32

winspool.drv

inetcomm

oledlg

sqlunirl

wsock32

Sections

.W Size: 16KB - Virtual size: 15KB

.Amo Size: 3KB - Virtual size: 18KB

.rdata Size: 4KB - Virtual size: 4KB

.FTAoy Size: 177KB - Virtual size: 303KB

.vGesnr Size: 1KB - Virtual size: 26KB

.data Size: 8KB - Virtual size: 10KB

.jT Size: 3KB - Virtual size: 17KB

.URSi Size: 3KB - Virtual size: 32KB

.rsrc Size: 11KB - Virtual size: 10KB

.reloc Size: 512B - Virtual size: 4KB

.W
Size: 16KB - Virtual size: 15KB

.Amo
Size: 3KB - Virtual size: 18KB

.rdata
Size: 4KB - Virtual size: 4KB

.FTAoy
Size: 177KB - Virtual size: 303KB

.vGesnr
Size: 1KB - Virtual size: 26KB

.data
Size: 8KB - Virtual size: 10KB

.jT
Size: 3KB - Virtual size: 17KB

.URSi
Size: 3KB - Virtual size: 32KB

.rsrc
Size: 11KB - Virtual size: 10KB

.reloc
Size: 512B - Virtual size: 4KB