7e5ef2c521a8dc931009531d1657b727fc34f950e6f2a4ba71a55c4b37fade96

Sharing

Copy URL

Twitter E-mail

General

Target

7e5ef2c521a8dc931009531d1657b727fc34f950e6f2a4ba71a55c4b37fade96
Size

259KB
MD5

e1d15bc2bba8a703e58d9e844079f8c3
SHA1

1b6b3448e82557b750df3b4bf251246745d5afdd
SHA256

7e5ef2c521a8dc931009531d1657b727fc34f950e6f2a4ba71a55c4b37fade96
SHA512

c7172cee3931e4495a3c792c3e65de660be14f47b091a2bd00cece50079623cec7f15813d78aeca2162cebcf2333eb2941105b956b0f7de7915532e4e13e4558
SSDEEP

6144:yZIojQ83POk96rUKKEmnfjMGtq/qwA8lBGAeaZ3wQEBFP:0v3POk96WrfIpA8LGAea1aFP

Score

N/A

Malware Config

Signatures

Files

7e5ef2c521a8dc931009531d1657b727fc34f950e6f2a4ba71a55c4b37fade96
.exe windows x86

a2ceaa6e5d88760760eeb822360479e8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
GlobalMemoryStatus
VirtualProtect
GetLastError
TryEnterCriticalSection
UnlockFile
CloseHandle
SetCommMask
GetSystemTimes
GetTickCount
FormatMessageW
lstrcpynA
lstrlenW
GetCurrentDirectoryW
GetVolumeNameForVolumeMountPointA
GetVolumeNameForVolumeMountPointW
GetNumberFormatA
PeekConsoleInputW
WriteConsoleOutputCharacterW
VerLanguageNameA
GetStringTypeW
OutputDebugStringW
FlushFileBuffers
WriteConsoleW
SetStdHandle
SetFilePointerEx
HeapReAlloc
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
LoadLibraryExW
EncodePointer
DecodePointer
RaiseException
RtlUnwind
GetCommandLineW
IsProcessorFeaturePresent
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
HeapSize
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
WriteFile
GetConsoleCP
GetConsoleMode
SetLastError
GetCurrentThreadId
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
LCMapStringW
CreateFileW

user32

BroadcastSystemMessageA
RegisterClassExA
ScrollWindowEx
GetPropW
SetCursor
GetCaretPos
DefMDIChildProcA

winhttp

WinHttpCheckPlatform
WinHttpOpen
WinHttpCloseHandle
WinHttpWriteData
WinHttpQueryDataAvailable
WinHttpCrackUrl

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 8.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a2ceaa6e5d88760760eeb822360479e8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

winhttp

Sections

.text Size: 80KB - Virtual size: 80KB

.rdata Size: 45KB - Virtual size: 45KB

.data Size: 100KB - Virtual size: 8.1MB

.rsrc Size: 27KB - Virtual size: 26KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 80KB - Virtual size: 80KB

.rdata
Size: 45KB - Virtual size: 45KB

.data
Size: 100KB - Virtual size: 8.1MB

.rsrc
Size: 27KB - Virtual size: 26KB

.reloc
Size: 5KB - Virtual size: 5KB