ea92a9399eeccd0441606d62b7424d42d30a5650fe2e62f51dec5363bd679e5e

General

Target

ea92a9399eeccd0441606d62b7424d42d30a5650fe2e62f51dec5363bd679e5e
Size

313KB
MD5

8b484f285b3914df16a8b24f76077def
SHA1

607b07f8cc15ad4b5655cda0a48e09a1f26f54ba
SHA256

ea92a9399eeccd0441606d62b7424d42d30a5650fe2e62f51dec5363bd679e5e
SHA512

cba8e9803b60fb67164ff26e0e93635bfa4924df30cf925e1f8573efd716bd7c9673451a12b5ef620209ea5b667db8b3abc643d234de9dbae9ee0b34b67c19cc
SSDEEP

6144:SfHiaUZCGI/NQdZDF9bTpoXjEe4SVYYAHF3N+6Tnys+Qzzn4FpG:aDwCGCNQb2EpSVYFdUQzr4FA

Score

N/A

Malware Config

Signatures

Files

ea92a9399eeccd0441606d62b7424d42d30a5650fe2e62f51dec5363bd679e5e
.exe windows x86

29d17eb0cb4109f8ea2bf0faa9bd4c80

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_wsopen
__winitenv
gets
wcstod
fopen
atol
iswctype
_ismbchira
_lfind
iswalnum
_mbsncpy
_wspawnvpe
_amsg_exit
_wfindfirst

advapi32

IsTextUnicode
RegOpenKeyA
GetMultipleTrusteeW
ConvertSecurityDescriptorToAccessA

kernel32

GetEnvironmentStringsW
DisableThreadLibraryCalls
DeviceIoControl
SetErrorMode
GetCurrentProcess
GetCurrentDirectoryW
GetTickCount
VirtualAlloc
VirtualFree
GlobalGetAtomNameW
GetModuleHandleA
GetCommandLineW
GlobalFree
GetStartupInfoW
Sleep
OpenFileMappingW
ExitProcess

gdi32

GetMetaFileW
GdiFlush
GetPixel
GetMetaFileA
CancelDC
GetROP2
SetPixelV
SetLayout
PolyBezier
GetArcDirection
SetLayout
GdiGetBatchLimit
GetEnhMetaFileDescriptionW
PlayEnhMetaFile

user32

SetProcessDefaultLayout
GetCursorInfo
GetInputState
DdeEnableCallback
DlgDirSelectExW
IsMenu
GetListBoxInfo
DrawTextA
GetClipboardOwner
IsWindow
IsChild
ShowScrollBar
GetDialogBaseUnits
EnumWindows
CopyRect
FlashWindow
GetClassInfoW
OemToCharBuffW
GetGuiResources
EnumWindowStationsW
GetClassInfoExA
GetNextDlgGroupItem

Sections

.text
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29d17eb0cb4109f8ea2bf0faa9bd4c80

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

gdi32

user32

Sections

.text Size: 19KB - Virtual size: 20KB

.data Size: 9KB - Virtual size: 13KB

.rdata Size: 44KB - Virtual size: 132KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 19KB - Virtual size: 20KB

.data
Size: 9KB - Virtual size: 13KB

.rdata
Size: 44KB - Virtual size: 132KB

.rsrc
Size: 5KB - Virtual size: 5KB