be7594bc428a16bf157927937b88933fb173d795e94f7634da55ccf29265edd3

Sharing

Copy URL Twitter E-mail

General

Target

be7594bc428a16bf157927937b88933fb173d795e94f7634da55ccf29265edd3
Size

160KB
MD5

6ee140d307df5fb0a6c27889483a07f4
SHA1

3a35faed18907eb252aed67efb8b483d2924b146
SHA256

be7594bc428a16bf157927937b88933fb173d795e94f7634da55ccf29265edd3
SHA512

0afdfeb9dc7eedfbdc16cc46af72f4494f1ac43cae460574ea7a91a1a5a9e3dd4aa563fa8ed61d196e38f86b09085b3a8ece8ce228b69490b48f04083beebee9
SSDEEP

3072:zekZbSo9aCTXg/2MZ2V2b25YIEkKPvjgROmcp0qh/1242hY+n3:NXEC7g/2G25Y0AjgROmrqFkBa

Score

N/A

Malware Config

Signatures

Files

be7594bc428a16bf157927937b88933fb173d795e94f7634da55ccf29265edd3
.exe windows x86

0ec8fe9dc84e8c36a52704ae856a5a7d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

AnyPopup
LoadIconA
GetDesktopWindow
CloseWindow
LoadCursorA
LoadCursorFromFileA
GetWindowTextLengthA

kernel32

GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
VirtualAlloc
GetPriorityClass
GetVersionExA
GetEnvironmentStrings
GetTimeZoneInformation
GetProcAddress
GetModuleHandleA
IsDebuggerPresent
GetCommandLineW
GetStdHandle
GetEnvironmentStringsW
GetLocaleInfoW
CompareStringA
CompareStringW
GetCurrentProcessId
TlsSetValue
IsValidCodePage
IsValidLocale
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
SetHandleCount
GetFileType
DeleteCriticalSection
GetCurrentThreadId
SetEnvironmentVariableA
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
HeapReAlloc
IsBadWritePtr
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
Sleep

gdi32

GetRasterizerCaps
GetTextColor
GetTextMetricsA
SetTextAlign

msi

ord103

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ec8fe9dc84e8c36a52704ae856a5a7d

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

gdi32

msi

Sections

.text Size: 41KB - Virtual size: 41KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 111KB - Virtual size: 192KB

.rsrc Size: 1024B - Virtual size: 608B

.text
Size: 41KB - Virtual size: 41KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 111KB - Virtual size: 192KB

.rsrc
Size: 1024B - Virtual size: 608B