edcc05bab23f254aa14d4a030aa8495232c45d57be87fc6e2f38fe7a9bf0e5d8

Sharing

Copy URL

Twitter E-mail

General

Target

edcc05bab23f254aa14d4a030aa8495232c45d57be87fc6e2f38fe7a9bf0e5d8
Size

456KB
MD5

6cc2434004e35ae9e0b4827e33e85600
SHA1

acaeebeaf223bb87895003875828e225a3622d61
SHA256

edcc05bab23f254aa14d4a030aa8495232c45d57be87fc6e2f38fe7a9bf0e5d8
SHA512

c7dd78ada64ba54178a4538369cb5596cae9280e2d57720ea524b38e8bd2fee591236d8685e59f5b8256e92b191b91b93e9235999ea1f507f7b0f865967472c2
SSDEEP

12288:O3r/dfEkzOkmOK5U5ykrylJVv0luXE4X9:OhEkzKOKWlQeuX

Score

N/A

Malware Config

Signatures

Files

edcc05bab23f254aa14d4a030aa8495232c45d57be87fc6e2f38fe7a9bf0e5d8
.exe windows x86

2000906a4b4f579b606ef8e7c3e7d226

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

IsProcessorFeaturePresent
GetStringTypeW
RtlUnwind
HeapFree
HeapQueryInformation
HeapSize
HeapReAlloc
LoadLibraryW
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
GetConsoleMode
GetConsoleCP
SetFilePointer
RaiseException
WriteFile
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
ExitProcess
MultiByteToWideChar
LCMapStringW
DeleteCriticalSection
CompareStringW
SetEnvironmentVariableA
SetStdHandle
ReadFile
FlushFileBuffers
CreateFileW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
lstrcpyA
lstrcpyW
LocalFree
FindNextFileW
lstrcatW
GetModuleHandleA
GetModuleFileNameA
LocalAlloc
FindClose
GlobalFree
GetLastError
lstrlenW
HeapCreate
GlobalAlloc
GetProcessHeap
GetCurrentProcess
HeapAlloc
EnterCriticalSection
SetLastError
GetModuleHandleW
GetProcAddress
TlsFree
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
CloseHandle
IsBadReadPtr
HeapValidate
GetModuleFileNameW
EncodePointer
DecodePointer
MoveFileExA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
HeapSetInformation
GetCommandLineA
WideCharToMultiByte
FindFirstFileW

user32

DestroyWindow
CreateWindowExA
SetUserObjectSecurity
GetWindowLongA
GetAncestor
InvalidateRect
SetWindowLongA
GetWindowTextA
GetWindowPlacement
GetMessagePos
LoadCursorA
CallWindowProcA
LoadImageA
SetWindowTextA
DefMDIChildProcA
wsprintfW
BeginPaint
SendMessageA
GetUserObjectSecurity
GetClientRect
DrawIcon
wsprintfA
LoadIconA
CheckRadioButton
IsWindow
LoadStringW
DefWindowProcA
GetDlgItem
GetParent
EnableMenuItem
CopyImage
GetMenuItemID
PostQuitMessage
RegisterClassExA
EndPaint
SetWindowPlacement

gdi32

BitBlt
FloodFill
DeleteDC
DeleteObject
SelectObject
CreateCompatibleDC
GetObjectA

winspool.drv

ord201

comdlg32

GetFileTitleW

advapi32

GetTokenInformation
OpenProcessToken
ConvertSidToStringSidA
GetSecurityDescriptorDacl
AddAce
FreeSid
AddAccessAllowedAce
AllocateAndInitializeSid
InitializeAcl
GetAce
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
LookupAccountSidA
EqualSid
GetAclInformation
AddAccessAllowedAceEx

ole32

CoTaskMemFree
CoUninitialize
OleCreateStaticFromData
OleDuplicateData

winmm

midiInGetID

shlwapi

PathFindExtensionA
StrToIntExA
PathFindFileNameA
StrChrA
wnsprintfA

comctl32

InitCommonControlsEx

gdiplus

GdipCloneBrush
GdipCreateFromHDC2
GdipDrawEllipseI
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdipCreateHatchBrush
GdipSaveImageToFile
GdiplusShutdown
GdipAlloc
GdipFillRectangleI
GdipDeleteBrush
GdipFree
GdiplusStartup
GdipDrawRectangleI
GdipCreatePen1
GdipDeleteGraphics
GdipDeletePen

imm32

ImmGetDefaultIMEWnd

uxtheme

GetThemeDocumentationProperty

msi

ord216

Sections

.text
Size: 255KB - Virtual size: 255KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2000906a4b4f579b606ef8e7c3e7d226

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

ole32

winmm

shlwapi

comctl32

gdiplus

imm32

uxtheme

msi

Sections

.text Size: 255KB - Virtual size: 255KB

.rdata Size: 53KB - Virtual size: 52KB

.data Size: 83KB - Virtual size: 91KB

.rsrc Size: 49KB - Virtual size: 48KB

.reloc Size: 14KB - Virtual size: 14KB

.text
Size: 255KB - Virtual size: 255KB

.rdata
Size: 53KB - Virtual size: 52KB

.data
Size: 83KB - Virtual size: 91KB

.rsrc
Size: 49KB - Virtual size: 48KB

.reloc
Size: 14KB - Virtual size: 14KB