e2a20993a0852dfb33aabb6e53e88dc782af5a403302ab61c652eb0250bb7785

Sharing

Copy URL Twitter E-mail

General

Target

e2a20993a0852dfb33aabb6e53e88dc782af5a403302ab61c652eb0250bb7785
Size

5.6MB
MD5

74a20ddc9dec531307bf676c93921367
SHA1

124db4683a1ee2b201a73ce778d4c6062af7a53e
SHA256

e2a20993a0852dfb33aabb6e53e88dc782af5a403302ab61c652eb0250bb7785
SHA512

d217044c8445107ada42874f0a547834171f756c9186fc2f1651939a504a8061f6e16d8a3e285cbfff7764862a5088a01b6d7719fb2520a10d43388dfd1da696
SSDEEP

98304:uFNjeLt2e2PB/N5ziuLprHS/+yG8n4bc/2rM+kuRtvt9AN8H:uvx5zziuRGl4YqPvgm

Score

N/A

Malware Config

Signatures

Files

e2a20993a0852dfb33aabb6e53e88dc782af5a403302ab61c652eb0250bb7785
.exe windows x86

c9a19fad9a50f24d8a786266aea87eea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
InitializeCriticalSection
GetCurrentThreadId
GetProcAddress
LoadLibraryExW
LoadLibraryW
GetCurrentProcess
GetModuleHandleW
GetVersionExW
GetSystemDirectoryW
RaiseException
Sleep
GetLastError
lstrcmpiW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
SetConsoleCtrlHandler
SetLastError
InterlockedExchange
TlsFree
PostQueuedCompletionStatus
TlsAlloc
InterlockedExchangeAdd
CreateEventA
CloseHandle
SetEvent
ExpandEnvironmentStringsA
GetTickCount
SleepEx
LoadLibraryA
GetSystemDirectoryA
WaitForSingleObject
FormatMessageA
WideCharToMultiByte
GetExitCodeThread
LocalFileTimeToFileTime
LocalAlloc
LocalFree
FileTimeToSystemTime
FileTimeToLocalFileTime
SetUnhandledExceptionFilter
CreateFileW
DeleteFileW
FindClose
FindNextFileW
FindFirstFileW
GetCurrentProcessId
ReleaseSemaphore
CreateSemaphoreA
DuplicateHandle
GetFileSize
GetSystemTimeAsFileTime
TlsGetValue
SetWaitableTimer
WriteFile
SetFilePointer
ReleaseMutex
CreateDirectoryW
CreateMutexW
MoveFileW
CreateEventW
CreateWaitableTimerW
OpenProcess
GetTimeZoneInformation
QueryPerformanceFrequency
QueryPerformanceCounter
GetCurrentThread
SetThreadAffinityMask
ExpandEnvironmentStringsW
GetLocalTime
GetSystemInfo
GetModuleHandleA
TerminateProcess
ProcessIdToSessionId
WaitNamedPipeW
ReadFile
CreateProcessW
InitializeCriticalSectionAndSpinCount
HeapFree
GetProcessHeap
TlsSetValue
OpenEventA
ResetEvent
HeapAlloc
CreateIoCompletionPort
QueueUserAPC
TerminateThread
WaitForMultipleObjects
GetQueuedCompletionStatus
InterlockedCompareExchange
GetFileAttributesW
GetPrivateProfileStringW
GetTempPathW
FormatMessageW
GetLocaleInfoW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
SystemTimeToFileTime
GetComputerNameW
DeviceIoControl
GetVolumeInformationW
GetDriveTypeW
GetLogicalDriveStringsW
GetPrivateProfileIntW
WritePrivateProfileStringW
CreateThread
SetThreadPriority
ResumeThread
GetOverlappedResult
GetTempFileNameW
GetDiskFreeSpaceExW
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeExA
LCMapStringA
LCMapStringW
SetEndOfFile
RemoveDirectoryW
CopyFileW
GetCurrentDirectoryW
GetFileInformationByHandle
GetFileAttributesExW
SetFileTime
SetFileAttributesW
AreFileApisANSI
CreateWaitableTimerA
RtlUnwind
UnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
HeapReAlloc
ExitThread
GetDriveTypeA
FindFirstFileA
GetCPInfo
GetTimeFormatA
GetDateFormatA
GetStringTypeW
CompareStringA
CompareStringW
GetStdHandle
GetModuleFileNameA
HeapCreate
VirtualFree
VirtualAlloc
HeapSize
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetFullPathNameA
PeekNamedPipe
CreateFileA
GetCurrentDirectoryA
GetStringTypeA
EnumSystemLocalesA
IsValidLocale
SetEnvironmentVariableA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
lstrlenA
GetThreadTimes
UnmapViewOfFile

msi

ord70
ord141
ord16
ord45

Sections

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1009KB - Virtual size: 1009KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 200KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 346KB - Virtual size: 345KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.vmp0
Size: 500KB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c9a19fad9a50f24d8a786266aea87eea

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msi

Sections

.text Size: 3.5MB - Virtual size: 3.5MB

.rdata Size: 1009KB - Virtual size: 1009KB

.data Size: 200KB - Virtual size: 230KB

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 38KB - Virtual size: 38KB

.reloc Size: 346KB - Virtual size: 345KB

.vmp0 Size: 500KB - Virtual size: 1.6MB

.text
Size: 3.5MB - Virtual size: 3.5MB

.rdata
Size: 1009KB - Virtual size: 1009KB

.data
Size: 200KB - Virtual size: 230KB

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 38KB - Virtual size: 38KB

.reloc
Size: 346KB - Virtual size: 345KB

.vmp0
Size: 500KB - Virtual size: 1.6MB