eb027cdf435b9df569fa891e82be7c4123650b76e7fcc63280bb5ab61d443aa9

Sharing

Copy URL Twitter E-mail

General

Target

eb027cdf435b9df569fa891e82be7c4123650b76e7fcc63280bb5ab61d443aa9
Size

648KB
MD5

724989be9e9e1d9a9c7044969863b5a9
SHA1

b68e535c25a3554773251daa4e618821695f7bc6
SHA256

eb027cdf435b9df569fa891e82be7c4123650b76e7fcc63280bb5ab61d443aa9
SHA512

68a38574ef6dbd2be6bea92072e86441d9bbe3d71c1e2592c5de4bcd0d31a6ee36e36f83f311576128a4580ccf30a2475f01ae488a7409708e4973e860102964
SSDEEP

12288:YQ9An4gaY3Zz3BWHWJXs/HY9pT7hBeATp:YGgaYJ70HUNBe

Score

N/A

Malware Config

Signatures

Files

eb027cdf435b9df569fa891e82be7c4123650b76e7fcc63280bb5ab61d443aa9
.exe windows x86

6c55848736af6c18faf4528232f82706

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
CloseHandle
LocalFree
WaitForSingleObject
GetExitCodeProcess
CompareStringW
CompareStringA
FlushFileBuffers
InterlockedIncrement
InterlockedDecrement
GetProcAddress
GetModuleHandleA
ExitProcess
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
HeapValidate
IsBadReadPtr
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsFree
SetLastError
GetLastError
GetCurrentThread
GetModuleFileNameA
WriteFile
GetStdHandle
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSection
RaiseException
DebugBreak
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
VirtualAlloc
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
LoadLibraryW
RtlUnwind
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetLocaleInfoW
VirtualQuery
GetTimeFormatA
GetDateFormatA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
CreateFileA
SetEnvironmentVariableA

advapi32

FreeSid
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid

shell32

ShellExecuteExW
CommandLineToArgvW

Sections

.text
Size: 348KB - Virtual size: 346KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 220KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6c55848736af6c18faf4528232f82706

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

Sections

.text Size: 348KB - Virtual size: 346KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 8KB - Virtual size: 13KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 220KB - Virtual size: 220KB

.text
Size: 348KB - Virtual size: 346KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 8KB - Virtual size: 13KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 220KB - Virtual size: 220KB