4dcf71294c2eac9daea67264934f4bc2842809cea249d3aae052290a2f656c24

Sharing

Copy URL

Twitter E-mail

General

Target

4dcf71294c2eac9daea67264934f4bc2842809cea249d3aae052290a2f656c24
Size

830KB
MD5

8f4aa27d4f7adf1dba54fda189c7dc5a
SHA1

dd2175073484a08d74a950f4c3e7f024843b46e7
SHA256

4dcf71294c2eac9daea67264934f4bc2842809cea249d3aae052290a2f656c24
SHA512

7eba97cd52b970b243f352dbc0862441c6bd2f705347d196d56f9c27cdced2a73157237b2d27c6047ecd34fb90029e95f5420d6bb2cc20d76aee31af07f37b68
SSDEEP

12288:H9AJkL2RteaZhiIEvPkmzxpzdMeDSPtJyVUD10vrx/:HaJkLCA4uH5l/+JyK2R

Score

N/A

Malware Config

Signatures

Files

4dcf71294c2eac9daea67264934f4bc2842809cea249d3aae052290a2f656c24
.exe windows x64

2c04b499bf6690156a8d10423e77648b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetVersionExA
GetModuleHandleA
GetProcAddress
LoadLibraryExW
lstrcatW
lstrlenW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CloseHandle
GetLastError
InitializeCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
WaitForSingleObject
CreateEventA
CreateSemaphoreA
CreateIoCompletionPort
GetQueuedCompletionStatus
PostQueuedCompletionStatus
Sleep
ExitProcess
CreateThread
LoadResource
LockResource
FindResourceA
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
GlobalLock
GlobalUnlock
FreeLibrary
GetModuleFileNameA
GetModuleFileNameW
LoadLibraryA
LoadLibraryW
LocalFree
FormatMessageA
FormatMessageW
GetCurrentDirectoryA
GetCurrentDirectoryW
CreateDirectoryA
CreateDirectoryW
CreateFileW
DeleteFileA
DeleteFileW
RemoveDirectoryA
RemoveDirectoryW
SetFileAttributesA
SetFileAttributesW
SetFileTime
SetLastError
GetSystemDirectoryW
GetCurrentThreadId
GetTickCount
GetModuleHandleW
MoveFileA
MoveFileW
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
GetFileAttributesA
GetFileAttributesW
GetFileInformationByHandle
GetLogicalDriveStringsW
GetLogicalDriveStringsA
CreateFileA
GetFileSize
ReadFile
SetEndOfFile
SetFilePointer
WriteFile
GlobalAlloc
GlobalFree
CompareFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentProcess
GlobalMemoryStatusEx
GetSystemInfo
GetProcessAffinityMask
GetStdHandle
SetPriorityClass
WaitForMultipleObjects
CreateMutexA
CreateProcessW
ReadProcessMemory
WriteProcessMemory
lstrcpyA
GetCommandLineW
IsProcessorFeaturePresent
VirtualFree
GetCurrentProcessId
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
LCMapStringW
HeapFree
OutputDebugStringW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetFileType
HeapSize
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
GetModuleHandleExW
GetProcessHeap
GetCommandLineA
HeapReAlloc
RaiseException
RtlPcToFileHeader
IsDebuggerPresent
RtlLookupFunctionEntry
RtlUnwindEx
ExitThread
DecodePointer
EncodePointer
HeapAlloc
VirtualAlloc

user32

SendMessageA
ShowWindow
MoveWindow
OpenClipboard
CloseClipboard
SetClipboardData
SendMessageW
MessageBoxW
CharUpperW
CharUpperA
EmptyClipboard
LoadIconA
LoadCursorA
SetCursor
KillTimer
SetTimer
IsDlgButtonChecked
CheckDlgButton
InvalidateRect
EnableWindow
GetKeyState
GetFocus
SetFocus
EndDialog
PostMessageA
GetWindowTextLengthW
GetWindowTextLengthA
GetWindowTextW
GetWindowTextA
SetWindowTextW
SetWindowTextA
LoadStringW
LoadStringA
GetMonitorInfoA
MonitorFromWindow
SystemParametersInfoA
MapDialogRect
GetParent
SetWindowLongPtrA
GetWindowLongPtrA
ScreenToClient
GetWindowRect
GetDlgItem
DialogBoxParamW
DialogBoxParamA

shell32

SHGetMalloc
SHGetFileInfoA
SHBrowseForFolderA
SHGetPathFromIDListA

ole32

CoInitializeSecurity
CoInitializeEx
CoCreateInstance
CoInitialize
CoUninitialize
OleInitialize

oleaut32

VariantInit
SysFreeString
VariantClear
SysAllocStringLen
SysAllocString
SysStringLen

winhttp

WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpCloseHandle
WinHttpOpen

shlwapi

PathFileExistsW
StrStrA

rpcrt4

RpcStringFreeA
UuidToStringA
UuidCreate

Sections

.text
Size: 290KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 369KB - Virtual size: 369KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c04b499bf6690156a8d10423e77648b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

ole32

oleaut32

winhttp

shlwapi

rpcrt4

Sections

.text Size: 290KB - Virtual size: 289KB

.rdata Size: 135KB - Virtual size: 134KB

.data Size: 11KB - Virtual size: 41KB

.pdata Size: 17KB - Virtual size: 17KB

.rsrc Size: 369KB - Virtual size: 369KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 290KB - Virtual size: 289KB

.rdata
Size: 135KB - Virtual size: 134KB

.data
Size: 11KB - Virtual size: 41KB

.pdata
Size: 17KB - Virtual size: 17KB

.rsrc
Size: 369KB - Virtual size: 369KB

.reloc
Size: 6KB - Virtual size: 5KB