ea93b80d7361f6fafb2a50721c9f487f345dbdd06cef2302347f8102d8e1f3e3

Sharing

Copy URL Twitter E-mail

General

Target

ea93b80d7361f6fafb2a50721c9f487f345dbdd06cef2302347f8102d8e1f3e3
Size

151KB
MD5

20c876207da9b312156ace5981272444
SHA1

d6b914e522e889d4e453bccd1b435034570312e6
SHA256

ea93b80d7361f6fafb2a50721c9f487f345dbdd06cef2302347f8102d8e1f3e3
SHA512

d2dbc09f62f1ad1672b35a5ee4dc81563df3db80c6f5514639d86addc793b05c42204fc49811c699375575dd9647783968a5d7dd2db69e3c92f3df2ae81d7951
SSDEEP

3072:aXmhYrpAe6DJcJLUo9hh6eDqefnc+XKURvLNF8q:aXeXe6KJIo9WMnc+XFpNF5

Score

N/A

Malware Config

Signatures

Files

ea93b80d7361f6fafb2a50721c9f487f345dbdd06cef2302347f8102d8e1f3e3
.exe windows x86

94f386632bc889c4000c8ff8b8e45644

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

InitializeSid
RegFlushKey
RegEnumKeyW
RegOpenKeyA
GetUserNameW
LookupAccountNameW
RegEnumKeyExW
OpenThreadToken
CryptHashData
GetTraceEnableLevel
CopySid
InitializeAcl
GetSecurityDescriptorDacl
RegEnumValueW
RegOpenKeyW
RegEnumValueA
SetEntriesInAclW
IsValidAcl
LsaQueryInformationPolicy
IsValidSid

oleaut32

SafeArrayPtrOfIndex
RegisterTypeLib
SafeArrayGetElement
SafeArrayAccessData
VariantCopyInd
SysAllocStringLen
GetErrorInfo
SafeArrayCreate

kernel32

GetThreadLocale
HeapAlloc
CreateDirectoryA
SetFileAttributesW
GetEnvironmentStrings
IsBadWritePtr
ExitProcess
VirtualAlloc
GetCurrentProcessId
CreateMutexW
GetOEMCP
GetFileAttributesW
GetVersionExW
GetLocaleInfoW
RemoveDirectoryW
GetCurrentThreadId

msvcrt

__p__iob
wcsncpy
__set_app_type
_itow
_chsize
wcsstr
??2@YAPAXI@Z
towlower
rand
_unlock
floor
strchr
sprintf
__p__fmode
malloc
_commit
srand
_tell
wcsncmp
isleadbyte
mbstowcs
_access
__p__commode
_XcptFilter
swprintf
__setusermatherr
_ftol

ole32

CoCreateInstanceEx
StgOpenStorage
CoCreateGuid
StgCreateDocfile
CoUninitialize
CoMarshalInterface
CoRetireServer
CoReleaseMarshalData
CoUnmarshalInterface
CoGetInterfaceAndReleaseStream
CreateBindCtx
GetHGlobalFromStream
ReleaseStgMedium
OleRun

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

94f386632bc889c4000c8ff8b8e45644

Headers

File Characteristics

Imports

advapi32

oleaut32

kernel32

msvcrt

ole32

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 72KB - Virtual size: 72KB

.data Size: 65KB - Virtual size: 65KB

.reloc Size: 512B - Virtual size: 480B

.rsrc Size: 4KB - Virtual size: 8KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 72KB - Virtual size: 72KB

.data
Size: 65KB - Virtual size: 65KB

.reloc
Size: 512B - Virtual size: 480B

.rsrc
Size: 4KB - Virtual size: 8KB