ec8d308887de75596d07a84968f2ca293bf0215c037ec868b1b56ac5dc5a0ab0

Sharing

Copy URL Twitter E-mail

General

Target

ec8d308887de75596d07a84968f2ca293bf0215c037ec868b1b56ac5dc5a0ab0
Size

320KB
MD5

752636ea480b448336a5e8bd3dc44d67
SHA1

b2a3a72b737075e0d04429a089b05919a0e8eb06
SHA256

ec8d308887de75596d07a84968f2ca293bf0215c037ec868b1b56ac5dc5a0ab0
SHA512

9a5a295dd0e7e20c0d6eae265fb649a0b71b8999555796f403e72547d0dd3c1bdebc68c2eb14291b2e7c8dd04ea0da127c512b53cfc877b5b8b779616d85d997
SSDEEP

6144:DSNraNeJ4BP+JkOFF+DSkB3wsKsr1aY9EFZK:8rUi4w12RBAqr1zsK

Score

N/A

Malware Config

Signatures

Files

ec8d308887de75596d07a84968f2ca293bf0215c037ec868b1b56ac5dc5a0ab0
.exe windows x86

507219112046bea517b584e84c8c29fc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
WriteConsoleW
SetStdHandle
LoadLibraryW
HeapSize
RtlUnwind
Sleep
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
LCMapStringW
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
ExitProcess
GetModuleHandleW
GetStringTypeW
HeapReAlloc
CreateFileW
FlushFileBuffers
GetTempPathA
CloseHandle
CreateToolhelp32Snapshot
Process32Next
GetTempFileNameA
GetLastError
lstrlenW
ExitThread
HeapCreate
WriteFile
GetProcessHeap
GetTickCount
Process32First
HeapFree
CreateFileA
GetProcAddress
GetCurrentProcess
HeapAlloc
lstrlenA
QueryPerformanceCounter
IsProcessorFeaturePresent
DecodePointer
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA

user32

FindWindowA
UpdateWindow
SendMessageW
MoveWindow
SetScrollInfo
IsWindow
AppendMenuA
GetSysColorBrush
CreatePopupMenu
ShowWindow
GetSystemMetrics
GetScrollPos
IsWindowVisible
LoadStringW
GetCursorPos
EndPaint
SetTimer
GetWindowRect
PostQuitMessage
TrackPopupMenu
FillRect
KillTimer
DrawTextA
SetForegroundWindow
LoadStringA
LoadBitmapA
GetParent
GetClientRect
BeginPaint
GetDC
GetForegroundWindow
LoadIconW
MessageBoxA
InvalidateRect
GetWindowLongA
CreateWindowExA
ReleaseDC
CharUpperW
EndDialog
DefWindowProcA
GetSysColor

gdi32

BitBlt
GetLayout
GetTextExtentPoint32W
GetTextMetricsW
GetTextExtentPoint32A
SetTextColor
DeleteDC
CreateFontIndirectW
CreateFontIndirectA
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
Rectangle
CreateBrushIndirect
SaveDC
GetTextExtentPointW
CreatePen
GetObjectA
GetStockObject
RestoreDC
CreateSolidBrush
TextOutA

winspool.drv

ClosePrinter

shell32

Shell_NotifyIconA
ord100

ole32

CoUninitialize
CoTaskMemFree
CoInitializeEx
CoCreateInstance

ws2_32

WSAStartup
WSACleanup
WSCEnumProtocols

shlwapi

StrCpyNW

gdiplus

GdipSaveImageToFile
GdiplusShutdown
GdipFree
GdipLoadImageFromFile
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipAlloc

Sections

.text
Size: 289KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

507219112046bea517b584e84c8c29fc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

shell32

ole32

ws2_32

shlwapi

gdiplus

Sections

.text Size: 289KB - Virtual size: 289KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 5KB - Virtual size: 21KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 289KB - Virtual size: 289KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 5KB - Virtual size: 21KB

.rsrc
Size: 10KB - Virtual size: 9KB