e9f10c8c32952054ffb16dc8dc128c724a8a94d6368b572eb590be9e301933bc

Sharing

Copy URL

Twitter E-mail

General

Target

e9f10c8c32952054ffb16dc8dc128c724a8a94d6368b572eb590be9e301933bc
Size

385KB
MD5

99dff7f8c3247349fe8bdc86543946b2
SHA1

dfc8a387ebb6ca2f47960e9518ef24c459cf8133
SHA256

e9f10c8c32952054ffb16dc8dc128c724a8a94d6368b572eb590be9e301933bc
SHA512

ec225599fb18be8164f57d41e13375509db6a213a85b8fd2bf0c23f2f9b3fc86f3e289ec14cdf62b28fb35ae2fb3525a44a7968989c469e6d64c2aa001a1e1d0
SSDEEP

6144:K1CXnJ0GHdQPWZ3yg+pYOgCiSiqUtO5PNaf1Y4UZ5NGAH8XEjNsW5sczEBeEQc24:K8dd9Eg+9jdNQYZ/N2XEj2FcyHoA

Score

N/A

Malware Config

Signatures

Files

e9f10c8c32952054ffb16dc8dc128c724a8a94d6368b572eb590be9e301933bc
.zip
Payment_copyUSD_pdf.exe
.exe windows x86

ad9ca47316a6e788f8f6cc89abe7ff19

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleA
InterlockedDecrement
GetEnvironmentStringsW
InterlockedCompareExchange
GetTimeFormatA
GetModuleHandleW
GetTickCount
WaitNamedPipeW
ActivateActCtx
GlobalAlloc
SetFileShortNameW
SetConsoleCP
GetGeoInfoA
GetVolumePathNameA
lstrlenW
ReleaseActCtx
ResetEvent
LocalAlloc
GetTapeParameters
GlobalFindAtomW
GetOEMCP
EnumDateFormatsA
CreateMutexA
RequestDeviceWakeup
BuildCommDCBA
VirtualProtect
DeleteCriticalSection
ReadConsoleInputW
DeleteFileA
InterlockedIncrement
Sleep
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
RtlUnwind
RaiseException
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetCPInfo
HeapAlloc
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapSize
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetLocaleInfoW

Exports

Exports

@GetVice@4
@SetVice@8

Sections

.text
Size: 376KB - Virtual size: 376KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 8.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad9ca47316a6e788f8f6cc89abe7ff19

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 376KB - Virtual size: 376KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 10KB - Virtual size: 8.1MB

.rsrc Size: 38KB - Virtual size: 38KB

.text
Size: 376KB - Virtual size: 376KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 10KB - Virtual size: 8.1MB

.rsrc
Size: 38KB - Virtual size: 38KB