e900d62ea17b3e3297c2eedf99008e125f0021a1ce3f116d6a0ddf1d1ff385a1

General

Target

e900d62ea17b3e3297c2eedf99008e125f0021a1ce3f116d6a0ddf1d1ff385a1
Size

46KB
MD5

71c493f4c6e2124f0abb252dade420d0
SHA1

acf68f53ac6b5a5d1250bf7205f36aa536d5d09f
SHA256

e900d62ea17b3e3297c2eedf99008e125f0021a1ce3f116d6a0ddf1d1ff385a1
SHA512

2d32045070b67c6ddc4eb8957b52951ad8e07a21f5c74519d16ed47ab17e3ced54b29dbf10d2f1ffcae7f4a34eaf2b82a196e15a2eacf46bc0fd9c6c39cd423a
SSDEEP

768:zojOWal/mb6WkQ71oI8rOcoK61GbKNmYTJEy05FHFIiPJMBKT6:qO5l/fBQ71hyOc61XmKCy0CkJMa6

Score

N/A

Malware Config

Signatures

Files

e900d62ea17b3e3297c2eedf99008e125f0021a1ce3f116d6a0ddf1d1ff385a1
.exe windows x86

44e55a2ea772830bb5bcce935796a335

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__initenv
_cexit
_exit
_c_exit
setlocale
malloc
exit
free
_wcsupr
wcscmp
wcstok
_iob
vfwprintf
_wtoi
wcslen
_wcsicmp
_XcptFilter
_vsnwprintf

advapi32

RegQueryValueExW
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
RegConnectRegistryW
RegOpenKeyExW
RegCloseKey

kernel32

GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetCommandLineW
DeviceIoControl
FindFirstVolumeW
CreateFileW
CloseHandle
FindNextVolumeW
FindVolumeClose
lstrlenW
GetCurrentProcessId
GetFileType
WriteConsoleW
GetUserDefaultUILanguage
GetThreadLocale
GetConsoleOutputCP
GetSystemDefaultLCID
GetLocaleInfoW
SetThreadLocale
GetVersionExW
GetModuleHandleW
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
GetStdHandle

user32

LoadStringW

ntdll

RtlInitUnicodeString
NtClose
NtOpenFile
NtQuerySystemInformation
RtlUnicodeStringToInteger

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zzsnhsj
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

44e55a2ea772830bb5bcce935796a335

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

user32

ntdll

Sections

.text Size: 10KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 2KB

.rsrc Size: 34KB - Virtual size: 35KB

zzsnhsj Size: - Virtual size: 4KB

.text
Size: 10KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 2KB

.rsrc
Size: 34KB - Virtual size: 35KB

zzsnhsj
Size: - Virtual size: 4KB