ea95ad369876bcace34f091d3460f797ba57c92a4be8ec67c73d064ade4e790a

Sharing

Copy URL Twitter E-mail

General

Target

ea95ad369876bcace34f091d3460f797ba57c92a4be8ec67c73d064ade4e790a
Size

852KB
MD5

464a98ad926da8adc6a446eaab4beab1
SHA1

ba6c67433cf2b918c2339ed74415df978e32f4e5
SHA256

ea95ad369876bcace34f091d3460f797ba57c92a4be8ec67c73d064ade4e790a
SHA512

d9b4860e6ac6bd4509794c86c906a469f736016e368640eb95df72e66c3b67fb57131d13dfa9fc7f546dae1ba318e9679149a7b9b1bf687bdde0fe551b059282
SSDEEP

24576:EHs/JDVHwztjRkdt8FNjJWE3wCyWoT+hYVMewLKr6D:os/JDVHwyGJWqAVVry

Score

N/A

Malware Config

Signatures

Files

ea95ad369876bcace34f091d3460f797ba57c92a4be8ec67c73d064ade4e790a
.exe windows x86

c8aee8a3c576648623b3fdd23f687c8c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBeep
ShowWindow
ChildWindowFromPointEx
GetSystemMenu
SendMessageA
IsWindowVisible
GetSysColor
FindWindowW
WinHelpW
GetWindowLongW
ChildWindowFromPointEx
PeekMessageW
MoveWindow
wsprintfA
PeekMessageW
SendMessageA
SetCapture

kernel32

GetLastError
LeaveCriticalSection
CreateFileW
LoadLibraryA
ExitProcess
GetACP
GetEnvironmentStrings
WideCharToMultiByte
GetLastError
CreateFileW
GetCurrentThreadId
GetCurrentProcess
LoadLibraryExA
HeapDestroy
SetEvent
WideCharToMultiByte
GetCurrentProcessId
CreateThread
VirtualAlloc
TerminateProcess
FreeLibrary
GetACP
GetStartupInfoA

shell32

DragQueryFileW
ExtractIconExW
DragAcceptFiles
SHGetSpecialFolderLocation
SHGetFileInfoW
SHChangeNotify
SHGetPathFromIDListW
ExtractIconW
DragQueryFileW
SHGetDesktopFolder
ExtractIconExW
SHGetSpecialFolderPathW
DragAcceptFiles
CommandLineToArgvW
DragFinish
SHGetFolderPathW
SHGetFileInfoW
SHGetMalloc
SHGetMalloc
SHGetFileInfoW
Shell_NotifyIconW
ExtractIconExW
DragFinish

gdi32

GetObjectW
GetObjectW
DeleteDC
GetObjectW
BitBlt
PatBlt
SetTextColor
CreateCompatibleDC
CreateFontIndirectW
BitBlt
DeleteObject
SetBkMode
DeleteDC
GetStockObject
GetTextExtentPoint32W
CreateCompatibleBitmap
ExtTextOutW
StretchBlt
LineTo
SetTextColor
DeleteObject
GetTextMetricsW

advapi32

SetSecurityDescriptorDacl
RegDeleteKeyW
InitializeAcl
InitializeAcl
AllocateAndInitializeSid
OpenProcessToken
RegOpenKeyW
CloseServiceHandle
RegQueryValueExW
RegCreateKeyExA
InitializeSecurityDescriptor
RegDeleteKeyW
OpenThreadToken
SetSecurityDescriptorDacl
GetTokenInformation
InitializeAcl
RegQueryValueExW
RegQueryInfoKeyW
GetTokenInformation
RegDeleteKeyW
AddAccessAllowedAce
RegOpenKeyExW
InitializeSecurityDescriptor
CloseServiceHandle
FreeSid

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c8aee8a3c576648623b3fdd23f687c8c

Headers

File Characteristics

Imports

user32

kernel32

shell32

gdi32

advapi32

Sections

.text Size: 12KB - Virtual size: 12KB

.data Size: 82KB - Virtual size: 100KB

.rdata Size: 3KB - Virtual size: 4KB

.rsrc Size: 19KB - Virtual size: 20KB

.text
Size: 12KB - Virtual size: 12KB

.data
Size: 82KB - Virtual size: 100KB

.rdata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 19KB - Virtual size: 20KB