4902bd7f4000ae3ee375b9e4ebc77a895857a3e8b270e778f08deec59edd85fc

Sharing

Copy URL Twitter E-mail

General

Target

4902bd7f4000ae3ee375b9e4ebc77a895857a3e8b270e778f08deec59edd85fc
Size

2.2MB
MD5

250b824efb7ee7074af7c93c5e9fd3b1
SHA1

3ee00d07d5d95d6a387643c5f4bb85e8f3177b1a
SHA256

4902bd7f4000ae3ee375b9e4ebc77a895857a3e8b270e778f08deec59edd85fc
SHA512

c229e4820e3a75e63b2c18e2ae67f0427c7bffaa5f11d1c3489971d95d1b4d1822a4c52604daf7daddb2a59f6145c2e16dd7a35306d128562df1e7b3c1f66462
SSDEEP

49152:y+hQdUL2oIi3lZJNMzlSIsEIG5KT2TLAIx2X78XOCiAJE9LRIn:ZhAUL2vqlZJNMzHsLGm2TLwr8+v9LRA

Score

1^/10

Malware Config

Signatures

Files

4902bd7f4000ae3ee375b9e4ebc77a895857a3e8b270e778f08deec59edd85fc
.exe windows x86

0215dc3baad612381d9dd2303b0fafb0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumValueW
RegQueryValueExW
RegCloseKey
RegOpenKeyExA
RegOpenKeyExW
RegOpenKeyW
RegCreateKeyA
RegQueryValueW

user32

InvalidateRect
AdjustWindowRectEx
PostQuitMessage
EnableMenuItem
GetSystemMenu
GetDC
OffsetRect
CheckMenuRadioItem
ClientToScreen
DefWindowProcW
SetWindowPos
CreateMenu
LoadCursorW
LoadBitmapW
GetMessageTime
BeginPaint
ShowCursor
DispatchMessageW
EmptyClipboard
DestroyMenu
CreateWindowExW
DestroyCursor
ExitWindowsEx
MessageBoxW
AppendMenuW
GetCursorPos
SetForegroundWindow
GetWindowDC
WindowFromPoint
ShowCaret
GetClassNameW
ScreenToClient
GetParent
GetDlgItem
EnumWindows
OpenClipboard
UpdateWindow
WaitForInputIdle
MessageBeep
MsgWaitForMultipleObjects
PeekMessageW
GetSystemMetrics
GetWindowTextW
GetUpdateRect
CopyRect
DefFrameProcW
DrawIconEx
PostMessageW
TranslateMessage
RegisterClassW
GetMessageW
GetMenuItemCount
ShowWindow
UnregisterClassW
CallWindowProcW
RedrawWindow
TrackPopupMenu
SetWindowTextW
GetWindowTextLengthW
GetActiveWindow
SystemParametersInfoW
GetMenuItemInfoW
EndPaint
LoadImageW
SendMessageW
DrawMenuBar
GetFocus
GetForegroundWindow
DestroyWindow
MoveWindow
KillTimer
ReleaseDC
HideCaret
IsClipboardFormatAvailable
GetUpdateRgn
CloseClipboard
EnableWindow
CreatePopupMenu
LoadCursorFromFileW
IsIconic
RegisterClipboardFormatW
IsWindow
GetKeyState
GetSubMenu
SetTimer
GetWindow
SetFocus
DrawFocusRect
GetClipboardFormatNameW
ChildWindowFromPoint
LoadIconW

kernel32

SetEnvironmentVariableA
CompareStringW
CompareStringA
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
FlushFileBuffers
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
GetLastError
MultiByteToWideChar
WriteFile
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
WideCharToMultiByte
RtlUnwind
GetVersion
GetCommandLineA
HeapAlloc
HeapFree
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GetSystemTimeAsFileTime
ReadFile
SetFilePointer
CreateFileMappingW
MapViewOfFile
CreateFileA
InitializeCriticalSection
ExitProcess
CreateFileW
UnmapViewOfFile
CloseHandle

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0215dc3baad612381d9dd2303b0fafb0

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 2.1MB

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 2.1MB

.rsrc
Size: 20KB - Virtual size: 16KB