0e2395ec506440993fd555246ac405c9bc64a4355eac9287966e73149152fbb0

General

Target

0e2395ec506440993fd555246ac405c9bc64a4355eac9287966e73149152fbb0
Size

104KB
MD5

46598398ccc7487b29287823221421de
SHA1

55736b98e14322a85b8f20dde440c4c2f2653d4b
SHA256

0e2395ec506440993fd555246ac405c9bc64a4355eac9287966e73149152fbb0
SHA512

0aae8dafe9b5706bc1d83876d6f029362efb419dfe4b0447157ccab1bf069276f03cde921c9a920e823f322db6d7b214759f5d29342f2d3884c3c354ebd980ab
SSDEEP

1536:gO3b7uMC0kID4dPJrfdm5TfT9sdwlPCtOfUMammL4I78LaCjdAk9MwTxRnd+QyVS:gW7Oxrfdm5T2uk48LsPWknxR0QyVS

Score

N/A

Malware Config

Signatures

Files

0e2395ec506440993fd555246ac405c9bc64a4355eac9287966e73149152fbb0
.exe windows x86

48937f044fab70a5666e2497026b1d00

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxExA

shfolder

SHGetFolderPathA

trace

TraceSetProperties
LogErr

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
InitiateSystemShutdownA
OpenProcessToken

kernel32

CloseHandle
HeapDestroy
GetVersionExA
GetLastError
GetCurrentProcess
FreeLibrary
GetProcAddress
LoadLibraryExA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsFree
SetLastError
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
HeapCreate
VirtualFree
HeapFree
EnterCriticalSection
LeaveCriticalSection
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
InitializeCriticalSection
VirtualAlloc
HeapReAlloc
SetFilePointer
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
RtlUnwind
FlushFileBuffers
SetStdHandle
VirtualProtect
GetSystemInfo
VirtualQuery

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

48937f044fab70a5666e2497026b1d00

Headers

DLL Characteristics

File Characteristics

Imports

user32

shfolder

trace

advapi32

kernel32

Sections

.text Size: 27KB - Virtual size: 26KB

.data Size: 3KB - Virtual size: 8KB

.rsrc Size: 73KB - Virtual size: 76KB

.text
Size: 27KB - Virtual size: 26KB

.data
Size: 3KB - Virtual size: 8KB

.rsrc
Size: 73KB - Virtual size: 76KB