e9b53006ef1e96d005e26f30448206bc91d88d170050eedd4567cf046a3c8e07

Sharing

Copy URL Twitter E-mail

General

Target

e9b53006ef1e96d005e26f30448206bc91d88d170050eedd4567cf046a3c8e07
Size

125KB
MD5

63859ab7752a74b938bbadf5e4c39698
SHA1

99947db2bf86d07cea85e0f73b85bf1eb7dad140
SHA256

e9b53006ef1e96d005e26f30448206bc91d88d170050eedd4567cf046a3c8e07
SHA512

6c4cf414115b4fddf10ad75eb2125eb03c08c7ad70339f911b1edba338b55768039cb52a7df79294057240e6c07fa4ff7016200b21cfde49cded210d7e11b6a5
SSDEEP

3072:AUCVESsNp9L7gP1IFf3fsVPpylEMj48hwS6wVHHZePOPtXWOQg:AUNp9L/fvsPM7RwS3RDoO

Score

N/A

Malware Config

Signatures

Files

e9b53006ef1e96d005e26f30448206bc91d88d170050eedd4567cf046a3c8e07
.exe windows x86

34b34b272ca545651fbaaf191f946c58

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
GlobalAlloc
SetFileAttributesA
lstrcpynA
FindFirstFileA
lstrlenA
GetPrivateProfileStringA
Sleep
DeleteFileA
GetShortPathNameA
MoveFileExA
FindNextFileA
CreateFileMappingA
CreateFileA
GetFileSize
CloseHandle
MapViewOfFile
UnmapViewOfFile
GetWindowsDirectoryA
SetFilePointer
SetEndOfFile
lstrcpyA
GetSystemDirectoryA
CreateDirectoryA
FindClose
RemoveDirectoryA
GetVersionExA
TerminateProcess
ExitProcess
GetStringTypeW
GetCurrentProcess
lstrcatA
HeapFree
MultiByteToWideChar
GetProcAddress
WriteFile
LoadLibraryA
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
GetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
GetLastError
GetFileAttributesA
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetStringTypeA
FreeEnvironmentStringsW
GetEnvironmentStrings
RtlUnwind
WideCharToMultiByte
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA

user32

SendMessageA
MessageBoxA
ExitWindowsEx
wsprintfA
LoadStringA
LoadIconA
FindWindowA

advapi32

FreeSid
EqualSid
CloseServiceHandle
RegEnumKeyExA
DeleteService
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenProcessToken
RegDeleteValueA
AdjustTokenPrivileges
ControlService
LookupPrivilegeValueA
OpenSCManagerA
AllocateAndInitializeSid
OpenServiceA
RegSetValueExA
RegOpenKeyA
GetTokenInformation

setupapi

SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiOpenDevRegKey
SetupDiCallClassInstaller
SetupDiDeleteDeviceInfo

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 831B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

34b34b272ca545651fbaaf191f946c58

Headers

File Characteristics

Imports

kernel32

user32

advapi32

setupapi

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 1024B - Virtual size: 831B

.data Size: 14KB - Virtual size: 20KB

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 78KB - Virtual size: 80KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 1024B - Virtual size: 831B

.data
Size: 14KB - Virtual size: 20KB

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 78KB - Virtual size: 80KB