e049108ca9f06d90d41d3c764de5f8b44960c97d5e1f19875e4cb753803d016b

Sharing

Copy URL

Twitter E-mail

General

Target

e049108ca9f06d90d41d3c764de5f8b44960c97d5e1f19875e4cb753803d016b
Size

355KB
MD5

71a556f9a4ecd22e62c3491c62a19eb0
SHA1

7cf61cec0a7a1ab9dab4aa7429abbb290173cb21
SHA256

e049108ca9f06d90d41d3c764de5f8b44960c97d5e1f19875e4cb753803d016b
SHA512

68728d7132dbfbff0a4ff10c773a9ca23e510c4501ed70b87df9b49161599566c364d1696a2b72e284931e027806b5c206403576e5de28d689bcd41e0384d2c0
SSDEEP

6144:NkHlCNBlRqTDxpUMgZZMGUyqUTNotV//0C2F/RZ5sG82zp2LhfbMXifzPIPaxAs:ZvlRqTDxpUMgn/bytF//2F/RZ5820Ltd

Score

N/A

Malware Config

Signatures

Files

e049108ca9f06d90d41d3c764de5f8b44960c97d5e1f19875e4cb753803d016b
.exe windows x86

142db805dce497cc41ceeb65bce770b6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CompareFileTime
CompareStringA
CompareStringW
CopyFileA
CopyFileW
CreateDirectoryA
CreateDirectoryW
CreateEventA
CreateEventW
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateMutexA
CreateMutexW
CreateThread
DebugBreak
DeleteCriticalSection
DeleteFileA
DeleteFileW
DeviceIoControl
EnterCriticalSection
ExitProcess
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceA
FindResourceW
FlushFileBuffers
FreeLibrary
GetACP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetDateFormatW
GetDriveTypeA
GetDriveTypeW
GetExitCodeThread
GetFileAttributesA
GetFileAttributesExA
GetFileAttributesExW
GetFileAttributesW
GetFileSize
GetFileType
GetFullPathNameA
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoA
GetLongPathNameA
GetLongPathNameW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetPrivateProfileStringA
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetShortPathNameA
GetStartupInfoW
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetSystemDirectoryA
GetTempFileNameW
GetTempPathA
GetThreadLocale
GetTickCount
GetUserDefaultLCID
GetVersion
GetVersionExA
GetVersionExW
GetVolumeInformationW
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalSize
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadWritePtr
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LockResource
MapViewOfFile
MultiByteToWideChar
QueryDosDeviceA
QueryDosDeviceW
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseMutex
SetEndOfFile
SetErrorMode
SetEvent
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetLastError
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SystemTimeToFileTime
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpiA
lstrcmpiW
lstrcpyA
lstrcpynW
lstrlenA
lstrlenW
lstrcatA
CreateFileA
GetTempFileNameA
VirtualAlloc

user32

LoadIconA
LoadIconW

gdi32

GetStockObject

advapi32

RegOpenKeyExA

shell32

SHFileOperationA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

StringFromIID
StringFromGUID2
StringFromCLSID
PropVariantCopy
PropVariantClear
OleSaveToStream
OleLoadFromStream
GetHGlobalFromStream
CreateStreamOnHGlobal
CoUnmarshalInterface
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoReleaseMarshalData
CoMarshalInterface
CoMarshalInterThreadInterfaceInStream
CoInitializeEx
CoGetMalloc
CoGetInterfaceAndReleaseStream
CoCreateInstance
CoCreateGuid
CoCreateFreeThreadedMarshaler
CLSIDFromString

shlwapi

PathRemoveBackslashW
PathGetCharTypeW
UrlCombineW
PathUndecorateW
PathRemoveFileSpecW
PathGetCharTypeA

msvcrt

wcsncmp
wcslen
wcscspn
wcscpy
wcsncpy
wcschr
wcscat
towupper
towlower
toupper
swscanf
swprintf
strncpy
strchr
srand
realloc
rand
wcspbrk
wcsrchr
wcsspn
wcsstr
wcstombs
wcstoul
wcscmp
_CIpow
_XcptFilter
__CxxFrameHandler
__dllonexit
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
_adjust_fdiv
_beginthreadex
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_ftol
_initterm
_onexit
_purecall
_snwprintf
_stricmp
_strnicmp
_ultow
_vsnprintf
_vsnwprintf
_wcmdln
_wcsicmp
_wcsnicmp
_wcsupr
_wtoi
_wtoi64
_wtol
abs
atoi
atol
bsearch
ceil
exit
floor
free
isdigit
isspace
iswalnum
iswascii
iswcntrl
iswdigit
iswspace
isxdigit
malloc
memcmp
memcpy
memmove
memset
qsort

Sections

.text
Size: 348KB - Virtual size: 347KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

142db805dce497cc41ceeb65bce770b6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

msvcrt

Sections

.text Size: 348KB - Virtual size: 347KB

.data Size: 1024B - Virtual size: 644B

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 348KB - Virtual size: 347KB

.data
Size: 1024B - Virtual size: 644B

.rsrc
Size: 5KB - Virtual size: 5KB