fe5d5fcee378f6f5e06c1258c5c3f3692d62e62d35c33066d2dde0b1a2ccc203

Sharing

Copy URL Twitter E-mail

General

Target

fe5d5fcee378f6f5e06c1258c5c3f3692d62e62d35c33066d2dde0b1a2ccc203
Size

2.0MB
MD5

f3f0d7ffa266f8d6db522c32f6bed865
SHA1

7e94c4ef7551afd9bc6e96bca7ab13296c52a563
SHA256

fe5d5fcee378f6f5e06c1258c5c3f3692d62e62d35c33066d2dde0b1a2ccc203
SHA512

fd432c63092eb29dd763c6d448307039882b9455fc791d2d4cef11ebae389d3249d552bab1e0c225fa2b1b50165df2329c0d37091de6c5f0445ddaf4478792b9
SSDEEP

24576:efP0AvTs6/HLqmOaCOQE/ZL0qimmMYHpHVQVwjde6JqKxkn5g5hp/YmCwuG5L1ov:G/rqt/1q1mJJ6V2dfJTjjxQwuxv

Score

N/A

Malware Config

Signatures

Files

fe5d5fcee378f6f5e06c1258c5c3f3692d62e62d35c33066d2dde0b1a2ccc203
.exe windows x86

5d43defcd2584bcec8ad6d1bf5f93ebd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

DeregisterEventSource
RegCloseKey
RegEnumKeyExA
RegOpenKeyExA
RegisterEventSourceA
ReportEventA

kernel32

CloseHandle
CreateFileA
CreateFileW
CreateProcessA
CreateSemaphoreA
DeleteFileA
ExitProcess
FindClose
FindFirstFileA
FindResourceA
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStrings
GetFileAttributesA
GetFileSize
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetSystemDirectoryA
GetSystemInfo
GetTempPathA
GetTickCount
GetTimeZoneInformation
GetVersion
GetVersionExA
GlobalMemoryStatus
HeapAlloc
HeapFree
IsBadReadPtr
LCMapStringA
LoadLibraryA
LoadLibraryExA
LoadResource
LockResource
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseSemaphore
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
SizeofResource
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
WriteProcessMemory
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
DeleteDC
DeleteObject
GetBitmapBits
GetDeviceCaps
GetObjectA
SelectObject

user32

EnumThreadWindows
GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW
LoadCursorA
MessageBoxA
SetCursor
wsprintfA

Exports

Exports

@@Unit1@Finalize
@@Unit1@Initialize
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 261KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 415KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 195KB - Virtual size: 483KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d43defcd2584bcec8ad6d1bf5f93ebd

Headers

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

Exports

Exports

Sections

.text Size: 261KB - Virtual size: 264KB

.data Size: 415KB - Virtual size: 428KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 195KB - Virtual size: 483KB

.reloc Size: 17KB - Virtual size: 20KB

.text
Size: 261KB - Virtual size: 264KB

.data
Size: 415KB - Virtual size: 428KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 195KB - Virtual size: 483KB

.reloc
Size: 17KB - Virtual size: 20KB