4a484a43cd3bfca52d0590f349562776381ba656b3336bca6b8622bd9751c36c

General

Target

4a484a43cd3bfca52d0590f349562776381ba656b3336bca6b8622bd9751c36c
Size

204KB
MD5

34e904681855987e20eafeee0729736a
SHA1

8d191f0dbcec298979a116070ec719ab7e029fba
SHA256

4a484a43cd3bfca52d0590f349562776381ba656b3336bca6b8622bd9751c36c
SHA512

32571bfa284e81e17167e02569b42f2fb210c61179a14379405029de3ab596412cd702e0a8339bc721b99e92365c97aa781a83f01f38594d98d0d0902ead6cb4
SSDEEP

3072:Ks63/RfWqnEdTo4dczpUWB0BkDgiJ6Hco2SkF2bB5bnpEEs926FY96faf+qZ:Ks6vhi6zpUdkDgorSkFSn6/hA6ifB

Score

N/A

Malware Config

Signatures

Files

4a484a43cd3bfca52d0590f349562776381ba656b3336bca6b8622bd9751c36c
.exe windows x86

f9e5503013b91b5b318e322c1b3531f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathCanonicalizeA
UrlIsW
ChrCmpIA

kernel32

CompareStringA
OpenEventW
SetFileAttributesA
IsDBCSLeadByte
GetCommandLineW
CopyFileW
GetFileAttributesExA
GetCurrentProcess
MoveFileExW
SetErrorMode
GetDriveTypeW
FindResourceA
CreateFileA
GetEnvironmentVariableW
GetCurrentThreadId

user32

CopyAcceleratorTableW
EnumDisplaySettingsA
GetForegroundWindow
VkKeyScanA
SetClipboardData

gdi32

CreateBitmap
OffsetRgn
CreateFontW
GetSystemPaletteUse
GetCharWidth32A
Escape
ExtTextOutA
CreateEnhMetaFileW
RestoreDC
CreateDCA
CreateFontA
StartPage
GetTextExtentPoint32W
SetAbortProc

Exports

Exports

?VirtualMemory@@YGKPAK@Z

Sections

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

code
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

regsvr
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 946B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f9e5503013b91b5b318e322c1b3531f2

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

Exports

Exports

Sections

.reloc Size: 3KB - Virtual size: 3KB

code Size: 30KB - Virtual size: 29KB

.data Size: 146KB - Virtual size: 145KB

regsvr Size: 18KB - Virtual size: 17KB

.rsrc Size: 5KB - Virtual size: 4KB

.idata Size: 1024B - Virtual size: 946B

.reloc
Size: 3KB - Virtual size: 3KB

code
Size: 30KB - Virtual size: 29KB

.data
Size: 146KB - Virtual size: 145KB

regsvr
Size: 18KB - Virtual size: 17KB

.rsrc
Size: 5KB - Virtual size: 4KB

.idata
Size: 1024B - Virtual size: 946B