e3dc13937c71524d5ba6eed9fa6a09ef

Sharing

Copy URL

Twitter E-mail

General

Target

e3dc13937c71524d5ba6eed9fa6a09ef
Size

1.1MB
MD5

e3dc13937c71524d5ba6eed9fa6a09ef
SHA1

1602b44772ec4a19ee05d6e01739d8bd40b278f4
SHA256

bdf30945771767035a2f7ed8353e0269c8968ad8608625099b02f2af292047fe
SHA512

83996222256ce09cba8bb341cc73f6e851124afa4fe4a2a0b85440be5c939b516a5c7b41d01079c6ec164da7e739b3834a55188022189f1e1daefc5217fc0a71
SSDEEP

24576:gTjAED+4hxNDm5wknA3Lgq2R1tRVDBYZWerjgHHeQgJwC5TQ+GlspuDnH:gTjAEA1nA3Lgq2R1tRVyjgvgJX5T5G+6

Score

N/A

Malware Config

Signatures

Files

e3dc13937c71524d5ba6eed9fa6a09ef
.exe windows x86

42849164fa3a3afe05fc028e875f1dc7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
CreateDirectoryW
GetCurrentProcessId
LockResource
GetSystemInfo
LoadResource
FindResourceW
lstrcmpiW
Sleep
InterlockedExchangeAdd
HeapFree
GetCurrentThreadId
OpenProcess
GlobalAlloc
GlobalFree
HeapAlloc
LocalFree
GetProcessHeap
GetModuleFileNameW
LoadLibraryExW
FindFirstFileW
FindNextFileW
FindClose
GetLongPathNameW
GetFileAttributesExW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetEnvironmentVariableW
ReadFile
WriteFile
SetFileTime
SetFilePointer
GetModuleHandleW
GetFileSize
GetFileTime
CreateMutexW
WaitForSingleObject
ReleaseMutex
LocalAlloc
GetTickCount
QueryDosDeviceW
GetFullPathNameW
GetTempPathW
GetFileAttributesW
SetFileAttributesW
DeleteFileW
GetCurrentDirectoryW
GetTempFileNameW
FileTimeToSystemTime
SystemTimeToFileTime
IsBadStringPtrW
GetLogicalDriveStringsW
ExitThread
GetVersionExW
GetCurrentProcess
FreeLibrary
CloseHandle
lstrlenW
InitializeCriticalSectionAndSpinCount
GetProcAddress
SetCurrentDirectoryW
LoadLibraryW
ExpandEnvironmentStringsW
GetFileSizeEx
ResetEvent
ResumeThread
SwitchToThread
CreateEventW
FormatMessageW
GetLastError
SetEndOfFile
FreeLibraryAndExitThread
GetCommandLineW
GlobalMemoryStatusEx
InterlockedExchange
SetEvent
WaitForMultipleObjects
DeviceIoControl
GetLocalTime
GetModuleHandleExW
VirtualQuery
GetUserDefaultLangID
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
GetStdHandle
GetFileType
MultiByteToWideChar
RtlUnwind
RaiseException
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitProcess
WideCharToMultiByte
GetACP
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStringTypeW
GetTimeZoneInformation
HeapReAlloc
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetConsoleCP
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
OutputDebugStringW
CreateThread
SetStdHandle
FlushFileBuffers
WriteConsoleW
HeapSize
DecodePointer

advapi32

GetUserNameW
RegOpenCurrentUser
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW
RegCloseKey

shell32

SHGetSpecialFolderPathW
CommandLineToArgvW
SHGetFolderPathW
SHGetSpecialFolderLocation
SHGetPathFromIDListW

ole32

CoTaskMemFree
CoCreateInstance

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

shlwapi

SHDeleteKeyW
PathMatchSpecW
PathFileExistsW

Exports

Exports

Run

Sections

.text
Size: 905KB - Virtual size: 904KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42849164fa3a3afe05fc028e875f1dc7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

ole32

version

shlwapi

Exports

Exports

Sections

.text Size: 905KB - Virtual size: 904KB

.rdata Size: 188KB - Virtual size: 187KB

.data Size: 14KB - Virtual size: 19KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 38KB - Virtual size: 38KB

.text
Size: 905KB - Virtual size: 904KB

.rdata
Size: 188KB - Virtual size: 187KB

.data
Size: 14KB - Virtual size: 19KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 38KB - Virtual size: 38KB