44581bf6e5ff2c32f158deb89021353da59522a06f02cd38500cbe59ee0c6e11[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

44581bf6e5ff2c32f158deb89021353da59522a06f02cd38500cbe59ee0c6e11.exe
Size

286KB
MD5

4d628230508d914d7825962b85228051
SHA1

d6d56418cc1375044d16c791a12599df2e1eca1c
SHA256

44581bf6e5ff2c32f158deb89021353da59522a06f02cd38500cbe59ee0c6e11
SHA512

b55938a819543cca4dc4572896e632c70050c322c431aaba34ef82e75b462c4d1bf677afe28dd71adc1bcb0caa963e6dab570ebdc1d6341ee40f98c08ffa606f
SSDEEP

3072:j+NtoLBfKkV87QNs2fo/vddKPpemc6T0d2WU2JjFw5+EH7BNclunTU0sGTOpqEz1:j+nowksZddKI9U2Ji5+ilLJEzKA6/pK

Score

N/A

Malware Config

Signatures

Files

44581bf6e5ff2c32f158deb89021353da59522a06f02cd38500cbe59ee0c6e11.exe
.exe windows x86

efeb4eea8cf826ea3e8e033e4f688b9a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
SetStdHandle
WriteConsoleW
CreateFileA
CloseHandle
ReadFile
FreeLibrary
SetConsoleCtrlHandler
HeapReAlloc
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
SetEndOfFile
GetProcessHeap
FindAtomW
AddAtomW
GetLastError
GetProcAddress
GetACP
TerminateProcess
LoadLibraryW
GetTickCount
SetFilePointer
GetNativeSystemInfo
IsValidCodePage
GetOEMCP
FatalAppExitA
HeapSize
GetLocaleInfoW
GetSystemTimeAsFileTime
GetCurrentProcessId
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
GetStringTypeW
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetCPInfo
RaiseException
RtlUnwind
HeapAlloc
LCMapStringW
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapCreate
HeapDestroy
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
WriteFile
GetConsoleCP
GetConsoleMode
GetModuleHandleW
ExitProcess
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCurrentThread
QueryPerformanceCounter
CreateFileW

user32

CloseClipboard
LoadMenuIndirectA
LoadStringA
GetNextDlgTabItem
LoadKeyboardLayoutW
PeekMessageA
TranslateAcceleratorA
LoadCursorFromFileW
CreateIconFromResource
GetRawInputDeviceInfoW
DispatchMessageA
LoadCursorA
GetDlgCtrlID
GetDialogBaseUnits
LoadIconA

gdi32

StretchBlt
CopyMetaFileW
CombineRgn
EndPath
CopyEnhMetaFileW
BitBlt

advapi32

ChangeServiceConfigA
AdjustTokenGroups
PrivilegeCheck
AddAccessAllowedAceEx
AdjustTokenPrivileges

shell32

DragQueryFileW
FindExecutableW
ShellExecuteA

msimg32

TransparentBlt
GradientFill

Sections

.text
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

efeb4eea8cf826ea3e8e033e4f688b9a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

msimg32

Sections

.text Size: 153KB - Virtual size: 153KB

.rdata Size: 29KB - Virtual size: 29KB

.data Size: 7KB - Virtual size: 7.2MB

.rsrc Size: 69KB - Virtual size: 69KB

.reloc Size: 26KB - Virtual size: 54KB

.text
Size: 153KB - Virtual size: 153KB

.rdata
Size: 29KB - Virtual size: 29KB

.data
Size: 7KB - Virtual size: 7.2MB

.rsrc
Size: 69KB - Virtual size: 69KB

.reloc
Size: 26KB - Virtual size: 54KB