Static task: static1
Behavioral task: behavioral1
Sample: eb06a8f47538b2a1ec23707ffc31ef5a1be8abbc19902843ee47100f21dcb80a.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: eb06a8f47538b2a1ec23707ffc31ef5a1be8abbc19902843ee47100f21dcb80a.exe
Resource: win10v2004-20220901-en
General
Target: eb06a8f47538b2a1ec23707ffc31ef5a1be8abbc19902843ee47100f21dcb80a
Size: 158KB
MD5: 84ee9624feeac6931647a8b4c1fcbb3b
SHA1: 294c8129211e8d71edcf1d6132595337282ac59d
SHA256: eb06a8f47538b2a1ec23707ffc31ef5a1be8abbc19902843ee47100f21dcb80a
SHA512: c2516a0e8415b7444d8304ff2693cb4c226b0b3995ccabebcc30a21c2d1d7fe8bd39f5c188b8bf2252687ef0ed699b087dcb94f43a2fb80d7b5c6e3795913a41
SSDEEP: 3072:w8aXK/FyDzbSiYeiMGARu0snVS7cMKUp9n/aLSPH/9/erQ5nA:jjGnSiYeiT4oMlp9eSdA
Malware Config
Signatures
Files
eb06a8f47538b2a1ec23707ffc31ef5a1be8abbc19902843ee47100f21dcb80a.exe windows x86
aece8d7cb882a46b1fce198d68680960
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
SetLayoutWidth
GdiSwapBuffers
GdiGetPageHandle
GdiPlayPageEMF
GetCharacterPlacementA
PathToRegion
GetLogColorSpaceW
RestoreDC
GetDIBits
EngReleaseSemaphore
GetRasterizerCaps
GetCharWidth32A
EngGetPrinterDataFileName
GdiConvertFont
SetColorAdjustment
EnumFontFamiliesExA
EnumFontFamiliesA
GdiConvertRegion
EnableEUDC
GetROP2
PolyTextOutW
GdiValidateHandle
FrameRgn
GetMapMode
DeleteColorSpace
GetObjectA
EngLoadModule
CreatePolyPolygonRgn
CreateCompatibleBitmap
AddFontResourceW
SetTextCharacterExtra
EngMultiByteToWideChar
GetKerningPairsA
GetMetaRgn
GetEnhMetaFileW
StartPage
GdiFixUpHandle
EngEraseSurface
GdiInitializeLanguagePack
Arc
GdiGetLocalFont
ResizePalette
GetRelAbs
AddFontResourceExW
EngMarkBandingSurface
EngDeleteSurface
ole32
StgCreateStorageEx
CoGetStdMarshalEx
CoSwitchCallContext
CoUnloadingWOW
StgCreatePropSetStg
CoGetTreatAsClass
advapi32
EncryptionDisable
LsaClose
RegisterEventSourceW
OpenTraceA
BuildTrusteeWithObjectsAndSidW
GetServiceDisplayNameA
LsaClearAuditLog
GetAce
user32
TrackPopupMenu
MessageBoxExA
OpenWindowStationA
SetRectEmpty
DdeQueryConvInfo
WINNLSGetEnableStatus
IsCharAlphaW
OemKeyScan
RealGetWindowClassW
ChangeDisplaySettingsW
SetThreadDesktop
DdeAccessData
GetQueueStatus
CharPrevExA
InflateRect
SendMessageTimeoutW
CharLowerBuffW
GetWindowRect
RegisterClipboardFormatW
OemToCharA
RegisterHotKey
LoadImageA
CreateDesktopA
LoadImageW
ScrollDC
LoadMenuA
VkKeyScanExA
GetClipboardViewer
GetScrollRange
MapVirtualKeyExA
LoadMenuW
GetWindowLongW
EndTask
SendMessageA
DefDlgProcW
wvsprintfW
InsertMenuA
kernel32
lstrlen
ReplaceFileW
lstrlenA
Process32NextW
GetCompressedFileSizeA
DnsHostnameToComputerNameW
PeekConsoleInputA
GetThreadTimes
ReadDirectoryChangesW
ScrollConsoleScreenBufferW
GlobalGetAtomNameW
FindFirstChangeNotificationA
CreateTapePartition
IsBadStringPtrA
Heap32Next
SetThreadAffinityMask
GetVolumeInformationA
SetLocaleInfoA
Sleep
lstrcpy
GetOverlappedResult
Heap32ListNext
GetFullPathNameA
DuplicateHandle
DosDateTimeToFileTime
GetLargestConsoleWindowSize
GetPriorityClass
GetFileType
FlushInstructionCache
UnlockFile
ReleaseMutex
ClearCommBreak
SetUnhandledExceptionFilter
GetCommandLineA
GetModuleHandleW
IsBadHugeWritePtr
VirtualQueryEx
lstrcmpiA
GetCommConfig
GetCommState
OutputDebugStringW
EnumSystemCodePagesA
BuildCommDCBW
SetMessageWaitingIndicator
UpdateResourceA
GetDriveTypeA
RequestDeviceWakeup
GetDiskFreeSpaceExW
GetPrivateProfileStringW
EnterCriticalSection
SetConsoleCursorPosition
GetLongPathNameA
GetProfileIntA
CopyFileExA
GetProfileStringW
FreeResource
InitializeCriticalSectionAndSpinCount
GetQueuedCompletionStatus
SetHandleInformation
VerSetConditionMask
InitializeCriticalSection
OpenEventW
LoadLibraryExW
GetFileTime
FreeLibrary
MapUserPhysicalPagesScatter
TransmitCommChar
ExitProcess
FindNextFileW
WriteFile
WinExec
SetThreadIdealProcessor
lstrcmpiW
GetPrivateProfileStructA
FatalAppExitW
SetLocalTime
Process32Next
DeleteTimerQueue
VirtualLock
SetInformationJobObject
IsBadWritePtr
DisableThreadLibraryCalls
FindFirstFileExW
GetShortPathNameW
BackupRead
RtlUnwind
MoveFileA
FlushViewOfFile
IsBadReadPtr
GetCurrentDirectoryA
CreateProcessA
FindNextChangeNotification
GetConsoleCP
WaitForSingleObject
FindResourceExW
WriteConsoleOutputAttribute
FindFirstVolumeW
VirtualAlloc
GetConsoleFontSize
QueryPerformanceFrequency
DefineDosDeviceW
CreateMailslotA
VerLanguageNameW
TlsSetValue
CommConfigDialogA
CopyFileExW
lstrcmpi
CreateMailslotW
GetDiskFreeSpaceW
GetSystemTimeAdjustment
Heap32ListFirst
VirtualProtect
SearchPathA
ContinueDebugEvent
SetThreadPriorityBoost
UnmapViewOfFile
GetEnvironmentStrings
SetThreadContext
SwitchToFiber
GetSystemPowerStatus
SetCriticalSectionSpinCount
ExpandEnvironmentStringsA
FindAtomW
WriteConsoleOutputW
GenerateConsoleCtrlEvent
PulseEvent
EscapeCommFunction
GlobalAddAtomA
FindFirstVolumeA
DeleteCriticalSection
EnumSystemLanguageGroupsA
GetProfileSectionW
GetCurrentProcessId
SetFilePointer
LocalAlloc
VirtualQuery
GetDefaultCommConfigA
CreateNamedPipeW
lstrcpyW
IsBadStringPtrW
CreateDirectoryExA
ResetEvent
SetConsoleCP
SetFileApisToOEM
DebugActiveProcess
FindResourceA
HeapWalk
WriteFileEx
Module32FirstW
CreateDirectoryA
GetHandleInformation
IsValidLocale
FileTimeToDosDateTime
WriteProfileStringA
EnumDateFormatsW
ReadConsoleInputA
EnumCalendarInfoA
ReplaceFileA
GetDateFormatW
GetSystemTimeAsFileTime
GetThreadSelectorEntry
RegisterWaitForSingleObject
MultiByteToWideChar
CompareFileTime
GetLogicalDrives
ExpandEnvironmentStringsW
VirtualAllocEx
TerminateJobObject
GetConsoleAliasesLengthW
EnumLanguageGroupLocalesA
FillConsoleOutputAttribute
EnumSystemLocalesA
WritePrivateProfileStringW
EnumCalendarInfoW
GetThreadPriorityBoost
GetThreadLocale
CloseHandle
FindFirstChangeNotificationW
GetProcessHeap
GlobalUnlock
ReadConsoleOutputA
WritePrivateProfileStructW
GetProcessTimes
WaitForSingleObjectEx
ExitThread
SetStdHandle
LoadResource
GetShortPathNameA
RaiseException
InitAtomTable
SetEvent
CreateMutexW
GetConsoleOutputCP
GetProcessIoCounters
GlobalLock
GetStringTypeExW
SetEndOfFile
GetVolumeNameForVolumeMountPointA
LockResource
SetVolumeLabelW
GetCommModemStatus
GetConsoleAliasA
OpenFileMappingA
IsBadHugeReadPtr
ReadConsoleA
GetLocaleInfoW
SearchPathW
WaitNamedPipeA
GetNumberFormatA
OpenWaitableTimerW
GetPrivateProfileSectionA
PostQueuedCompletionStatus
lstrcpyA
GlobalWire
GetStringTypeExA
Module32NextW
OpenSemaphoreA
GetDiskFreeSpaceExA
WideCharToMultiByte
WaitNamedPipeW
GetFileInformationByHandle
EnumDateFormatsExA
EnumTimeFormatsW
HeapUnlock
ConvertDefaultLocale
CreateFiberEx
GlobalFlags
LocalCompact
GetPrivateProfileIntA
HeapLock
Heap32First
GetCurrencyFormatA
FoldStringW
FindVolumeClose
UpdateResourceW
SetDefaultCommConfigW
EnumSystemLanguageGroupsW
LocalUnlock
RegisterWaitForSingleObjectEx
VirtualUnlock
GlobalGetAtomNameA
GetExitCodeProcess
DeleteVolumeMountPointA
GetFileAttributesExA
lstrcatW
GetUserDefaultLangID
FlushConsoleInputBuffer
SetupComm
SetProcessAffinityMask
FillConsoleOutputCharacterW
CommConfigDialogW
PrepareTape
lstrcpyn
GetCalendarInfoW
SetCommTimeouts
WritePrivateProfileSectionW
WriteFileGather
ProcessIdToSessionId
CreateFileMappingW
HeapValidate
GlobalFindAtomA
GetConsoleWindow
AddConsoleAliasW
VerifyVersionInfoA
AddConsoleAliasA
TerminateThread
BuildCommDCBA
IsValidCodePage
ScrollConsoleScreenBufferA
lstrcpynA
GetModuleFileNameW
GetConsoleTitleA
ReplaceFile
SetThreadLocale
OpenEventA
GetFullPathNameW
FindResourceW
SetLocaleInfoW
EnumDateFormatsA
GetTimeFormatW
SetTimerQueueTimer
GetOEMCP
SetPriorityClass
QueueUserAPC
SetLastError
TlsGetValue
OpenProcess
GetLogicalDriveStringsW
GetConsoleAliasesW
FindFirstFileA
MoveFileExA
CompareStringW
SetConsoleCtrlHandler
ReadProcessMemory
GetCPInfoExA
GetConsoleAliasExesLengthW
GetConsoleAliasExesW
TerminateProcess
SetThreadExecutionState
LCMapStringW
OpenJobObjectW
GetProcessPriorityBoost
GetTapeParameters
GetVolumeNameForVolumeMountPointW
HeapCompact
GetPrivateProfileIntW
GlobalReAlloc
SetComputerNameExA
AllocConsole
GlobalCompact
ClearCommError
GetLogicalDriveStringsA
CallNamedPipeW
SetTapeParameters
GetCurrentThread
GetProcessShutdownParameters
SizeofResource
GetCurrentDirectoryW
WritePrivateProfileStringA
EnumLanguageGroupLocalesW
GetBinaryTypeW
CopyFileA
GetCalendarInfoA
LeaveCriticalSection
GetSystemDefaultLCID
RtlZeroMemory
EnumTimeFormatsA
WriteProfileStringW
GetThreadContext
GetTempPathW
OpenFileMappingW
CreateDirectoryW
OpenJobObjectA
CancelDeviceWakeupRequest
IsValidLanguageGroup
GetTickCount
FreeEnvironmentStringsA
DeleteTimerQueueEx
FlushFileBuffers
GetConsoleAliasesA
GetNamedPipeInfo
SetFileAttributesA
GetStringTypeA
GetConsoleAliasExesA
SetCalendarInfoW
EnumResourceLanguagesA
SetProcessPriorityBoost
DeviceIoControl
GlobalMemoryStatusEx
LoadModule
GetFileSizeEx
SetCurrentDirectoryA
WriteConsoleW
GetConsoleCursorInfo
SetSystemPowerState
EnumUILanguagesW
SwitchToThread
CreateFileW
LocalFileTimeToFileTime
GetSystemDefaultLangID
SignalObjectAndWait
OpenWaitableTimerA
RtlMoveMemory
CreateToolhelp32Snapshot
DisconnectNamedPipe
EraseTape
SetCommState
MoveFileW
CancelWaitableTimer
SetCommConfig
GetConsoleScreenBufferInfo
LocalFlags
RtlFillMemory
GetNamedPipeHandleStateA
GetComputerNameExA
SetCalendarInfoA
SetConsoleTitleW
GetProcAddress
FindFirstVolumeMountPointA
GetSystemTime
GetVersionExA
GetLocaleInfoA
FindNextVolumeA
GetTimeZoneInformation
SetFilePointerEx
CreateWaitableTimerW
LockFileEx
TlsFree
GetProfileStringA
SetThreadPriority
SetConsoleMode
GetWindowsDirectoryW
Module32Next
lstrcpynW
RequestWakeupLatency
CreateSemaphoreW
LoadLibraryA
shlwapi
PathIsUNCServerW
StrCmpW
UrlGetLocationA
SHRegSetUSValueW
PathParseIconLocationW
PathIsSystemFolderW
PathIsContentTypeA
SHDeleteEmptyKeyW
PathUnExpandEnvStringsA
StrRChrW
UrlCanonicalizeA
SHEnumKeyExW
PathFindOnPathW
SHRegSetUSValueA
UrlGetPartA
SHRegDeleteUSValueA
UrlHashW
SHGetValueW
PathBuildRootW
UrlIsOpaqueA
UrlEscapeA
StrFormatByteSizeW
PathCompactPathExA
PathIsUNCServerA
AssocQueryStringByKeyW
SHGetValueA
Sections
.text Size: 132KB - Virtual size: 131KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ