ee49a42fe6ef39849f643955e05f89680b68dad20fa496d4326a718f34db4ea6

Sharing

Copy URL Twitter E-mail

General

Target

ee49a42fe6ef39849f643955e05f89680b68dad20fa496d4326a718f34db4ea6
Size

503KB
MD5

07beb1cddcc090cb2bc671d3dcb886e0
SHA1

9bde37604e7b03f702798edf359be7ccc65d3cfe
SHA256

ee49a42fe6ef39849f643955e05f89680b68dad20fa496d4326a718f34db4ea6
SHA512

080951b11f2c51a2ab0ddb879d1087985be69493f6dabc332b7b1598c64e8e52aa0a6161870d5088bff8aec515cd7de443d93ac1083ad924b816c485a7779e20
SSDEEP

12288:LsC5TAcuNFW6pmAcbWad0uOvo5sBV2kKFRZp5sC0:IC5T21pmAcB0bWkaRZgC0

Score

N/A

Malware Config

Signatures

Files

ee49a42fe6ef39849f643955e05f89680b68dad20fa496d4326a718f34db4ea6
.exe windows x86

450b5d1e193d69bdc3253bd7782e29cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

kernel32

SetStdHandle
GetStringTypeW
LCMapStringW
GetConsoleMode
GetConsoleCP
SetFilePointer
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
HeapQueryInformation
HeapSize
HeapReAlloc
HeapFree
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetLastError
TlsFree
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
LoadLibraryW
ReadFile
GetModuleHandleW
OutputDebugStringW
GetFileType
WriteConsoleW
OutputDebugStringA
WriteFile
GetStdHandle
IsProcessorFeaturePresent
IsBadReadPtr
HeapValidate
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
HeapSetInformation
GetCommandLineA
RtlUnwind
RaiseException
GetModuleFileNameW
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
DecodePointer
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
ExpandEnvironmentStringsA
CloseHandle
GetLastError
GetProcessHeaps
GetProcessHeap
HeapAlloc
GetLocalTime
GetTimeFormatW
GlobalAlloc
MulDiv
GlobalFree
FreeLibrary
HeapCreate
SetErrorMode
GetVolumeInformationA
ExitProcess
LocalAlloc
lstrcmpiA
lstrlenA
MultiByteToWideChar
GetCurrentProcess
TerminateProcess
CreateFileA
GetProcAddress
LoadLibraryA
GetModuleHandleA
CreateFileW

user32

CreateWindowExA
PostQuitMessage
ShowWindow
GetKeyboardLayout
GetActiveWindow
SendMessageA
GetWindowTextLengthA
SendDlgItemMessageA
GetDlgItem
SystemParametersInfoA
IsIconic
GetDlgCtrlID
SendMessageW
GetWindowTextW
GetWindowTextLengthW
ChildWindowFromPointEx
SetCursor
LoadStringW
LoadCursorW
CheckMenuItem
SetWindowPos
GetWindowRect
DialogBoxParamW
SetClassLongW
LoadIconW
GetWindowLongW
AppendMenuW
GetSystemMenu
UnregisterClassA
TranslateMessage
UpdateWindow
RegisterClassExA
DefWindowProcA
RegisterClassA
DispatchMessageA
GetMessageA
GetDialogBaseUnits
DialogBoxIndirectParamA
GetSysColorBrush
CloseClipboard
GetClipboardData
GetClipboardFormatNameA
LoadImageW
GetClassLongW
GetForegroundWindow
IsWindowVisible
GetWindow
GetWindowLongA
SetActiveWindow
SetWindowLongA
GetWindowTextA
SetScrollInfo
HideCaret
GetDC
FillRect
ReleaseDC
SetCaretPos
ShowCaret
LoadCursorA
LoadIconA
CreateMenu
AppendMenuA
SetWindowTextA
SetFocus
EndDialog
SetDlgItemInt
SetTimer
KillTimer
GetParent
InvalidateRect
CheckRadioButton
SetScrollRange
SetScrollPos
GetScrollPos
MessageBoxA
DestroyWindow
BeginPaint
SetRect
EndPaint
InvalidateRgn
LoadImageA
GetClientRect
OpenClipboard
EnumClipboardFormats

gdi32

SetViewportExtEx
SetWindowExtEx
SetViewportOrgEx
SetTextAlign
MoveToEx
LineTo
Polyline
GetObjectA
CreateCompatibleDC
BitBlt
DeleteDC
CreateFontA
GetObjectW
CreateFontIndirectW
Rectangle
SetBkMode
CreateFontIndirectA
SetTextColor
CreatePen
DeleteObject
TextOutA
CreateSolidBrush
GetBkColor
SelectObject
GetStockObject
SetMapMode

shell32

DragQueryFileA
ShellExecuteW

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance
CoTaskMemFree
CLSIDFromString

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

shlwapi

StrRChrA
StrStrIA

gdiplus

GdipFillPath
GdipDrawPath
GdipCreateFromHDC
ord1
GdipAddPathLine
GdipCloneBrush
GdipSetPathFillMode
GdipCreateSolidFill
GdipDeletePath
GdipCreatePath
GdipCreatePen1
GdipDeleteBrush
GdipAlloc
GdipFree
GdiplusStartup
GdipClosePathFigure

imm32

ImmReleaseContext
ImmGetConversionStatus
ImmGetContext
ImmGetDefaultIMEWnd
ImmSetConversionStatus

uxtheme

DrawThemeIcon

msi

ord40

traffic

TcOpenInterfaceA

Sections

.text
Size: 412KB - Virtual size: 411KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.corn
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.port
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.safe
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

450b5d1e193d69bdc3253bd7782e29cf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

version

shlwapi

gdiplus

imm32

uxtheme

msi

traffic

Sections

.text Size: 412KB - Virtual size: 411KB

.rdata Size: 52KB - Virtual size: 52KB

.data Size: 5KB - Virtual size: 12KB

.corn Size: 1KB - Virtual size: 1KB

.port Size: 2KB - Virtual size: 1KB

.safe Size: 6KB - Virtual size: 6KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 17KB - Virtual size: 16KB

.text
Size: 412KB - Virtual size: 411KB

.rdata
Size: 52KB - Virtual size: 52KB

.data
Size: 5KB - Virtual size: 12KB

.corn
Size: 1KB - Virtual size: 1KB

.port
Size: 2KB - Virtual size: 1KB

.safe
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 17KB - Virtual size: 16KB