c7ee1eb889bbce0d5f7861a638021ebd6e75aac3cc9c928d237c73c0d37c511b

Sharing

Copy URL Twitter E-mail

General

Target

c7ee1eb889bbce0d5f7861a638021ebd6e75aac3cc9c928d237c73c0d37c511b
Size

58KB
MD5

6fa006e95569daa7fcb13533c40c36f0
SHA1

b6e6b04cad8b86693bfc59de8934cdaabc8e286d
SHA256

c7ee1eb889bbce0d5f7861a638021ebd6e75aac3cc9c928d237c73c0d37c511b
SHA512

2dc6c9fcc54b5129f406443be0b506f4e5354a7e7c1b650a788d11557e8aca35f786275460da1443d8caa5451de663258772913c8a193853f0ceb1400d2b2247
SSDEEP

1536:suiheZ9QwOnTHk1I+XSo1ExnDRpth3CoKzllH:suieZ6Dkhi4ElDRptJCoel

Score

N/A

Malware Config

Signatures

Files

c7ee1eb889bbce0d5f7861a638021ebd6e75aac3cc9c928d237c73c0d37c511b
.exe windows x86

272cf05e7f62869dc5285d3f3047105f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadCursorA
SetClipboardData
TranslateMessage
LoadIconA
CreateWindowExA

urlmon

RegisterMediaTypes
RevokeFormatEnumerator
CreateURLMoniker
CreateFormatEnumerator

kernel32

GetCommandLineA
LCMapStringW
LCMapStringA
VirtualLock
VirtualQueryEx
HeapAlloc
HeapCreate
IsValidLocale
GetCPInfoExA
VirtualFree
OpenSemaphoreA
LeaveCriticalSection
IsValidCodePage
PulseEvent
GetModuleHandleA
GetProcAddress
VirtualAlloc
GetStringTypeW
GetStringTypeA
ReadFile
SetEndOfFile
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
MultiByteToWideChar
InterlockedIncrement
InterlockedDecrement
SetStdHandle
CreateFileA
CloseHandle
RtlUnwind
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
HeapFree
GetLastError
GetFullPathNameA
GetStartupInfoA
GetVersion
ExitProcess
EnterCriticalSection
WriteFile
HeapDestroy
InitializeCriticalSection
DeleteCriticalSection
HeapReAlloc
GetCurrentDirectoryA
GetDriveTypeA
SetHandleCount
GetStdHandle
GetFileType
SetFilePointer
FlushFileBuffers
TerminateProcess
GetCurrentProcess

wtsapi32

WTSOpenServerA
WTSCloseServer
WTSEnumerateSessionsA
WTSEnumerateProcessesA

uxtheme

GetThemeTextExtent
IsAppThemed
GetThemeSysSize
DrawThemeBackground
EnableTheming
GetThemeSysColor
GetThemeMargins
GetThemeInt
GetThemeRect
SetWindowTheme
GetThemePropertyOrigin
ord47

usp10

ScriptStringValidate
ScriptStringAnalyse
ScriptApplyLogicalWidth
ScriptStringXtoCP
ScriptPlace
ScriptCacheGetHeight
ScriptGetLogicalWidths
ScriptJustify
ScriptGetFontProperties
ScriptShape
ScriptString_pSize

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ahmt
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

272cf05e7f62869dc5285d3f3047105f

Headers

File Characteristics

Imports

user32

urlmon

kernel32

wtsapi32

uxtheme

usp10

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 37KB

.ahmt Size: 16KB - Virtual size: 15KB

.rsrc Size: 512B - Virtual size: 16B

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 37KB

.ahmt
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 512B - Virtual size: 16B