e3eea3bf03135a08ab0115a9b8206360c330f67e6fd1cd901d7cde082dcee1ce

Sharing

Copy URL Twitter E-mail

General

Target

e3eea3bf03135a08ab0115a9b8206360c330f67e6fd1cd901d7cde082dcee1ce
Size

110KB
MD5

0833eec59fbb565749a5dfc309a3c2d7
SHA1

2ccf3c3a6f809cca74c2bbbdea54fc6ec4e0e988
SHA256

e3eea3bf03135a08ab0115a9b8206360c330f67e6fd1cd901d7cde082dcee1ce
SHA512

31b8b654aade6afe3ae32764a16098b8070e088dee64193d08d7ff488e1cf93b2808be4a6a891d68c3fd7ea69d43a73eb963b4701eed777c961d188ac5bff5ef
SSDEEP

1536:2V6rOcD4VMoZB3Pw1rlNJzpJBoab98ntHnUZMZZ5D3c+CnPq7cMV:20w7CpNJdJBj98ntHUuBLqE

Score

N/A

Malware Config

Signatures

Files

e3eea3bf03135a08ab0115a9b8206360c330f67e6fd1cd901d7cde082dcee1ce
.exe windows x86

0bb1c86ccdad79d90d78d0eca9779519

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetCommandLineA
lstrcpynA
CompareStringW
GetConsoleOutputCP
CompareFileTime
IsDebuggerPresent
WritePrivateProfileStringA
GetStringTypeExA
LocalFree
GetSystemInfo
GetEnvironmentVariableA
CopyFileW
GetTempPathA
FormatMessageA
GetStdHandle
LocalAlloc
lstrcmpA
CopyFileA
GetThreadLocale
FlushFileBuffers
GetOEMCP
lstrlenW
VirtualQuery
CreateProcessW
GetVersionExW
GetModuleHandleA
FileTimeToDosDateTime
GetUserDefaultLangID
QueryPerformanceCounter
WideCharToMultiByte
DeleteFileA
GetCPInfo
FileTimeToLocalFileTime
GetStartupInfoA
GetExitCodeProcess
GetModuleHandleW
SetStdHandle
CreateDirectoryA
MultiByteToWideChar
LoadResource
CreateFileMappingA
VirtualProtect
VirtualFree
DuplicateHandle
GetFullPathNameA
GlobalUnlock
ExpandEnvironmentStringsA
GetVersionExA

msvcrt

__getmainargs
__setusermatherr
_except_handler3
__p__commode
_initterm
_XcptFilter
_adjust_fdiv
__set_app_type
__p__fmode
_exit
__p___initenv
_controlfp

advapi32

RegOpenKeyW
InitializeAcl
DeregisterEventSource
RegSetValueExW
RegOpenKeyExW
RegQueryInfoKeyA
OpenProcessToken
CryptReleaseContext
CryptHashData
CryptGenRandom
ControlService
RegEnumKeyW
RegEnumKeyA
CheckTokenMembership
RegCloseKey
CryptAcquireContextA
RegQueryValueExW
OpenServiceW
GetLengthSid
AddAccessAllowedAce
RegCreateKeyA
EqualSid
AllocateAndInitializeSid
RevertToSelf
OpenThreadToken
RegEnumValueW
GetUserNameA
SetSecurityDescriptorGroup
InitiateSystemShutdownA
GetSecurityDescriptorDacl

user32

GetTopWindow
SetWindowPos
WindowFromPoint
SetTimer
TrackPopupMenu
GetMenuStringA
OffsetRect
GetScrollPos
RegisterWindowMessageA
GetClientRect
GetClassInfoA
LoadIconA
UnregisterClassA
RemovePropA
GetWindow
GetSystemMetrics
SetWindowPlacement
KillTimer
GetDC
GetCursorPos
SetWindowLongA
ShowCursor
GetMessagePos
CharNextA
OemToCharA
SendDlgItemMessageA
WinHelpA
CreatePopupMenu
FindWindowA
ShowOwnedPopups
SetClipboardData
SetClassLongA
ScrollWindow
CreateMenu
PtInRect
GetDCEx
SetScrollPos
MessageBoxA
IsWindowVisible
DeleteMenu
CallWindowProcA
EqualRect
GetForegroundWindow
SetFocus
InsertMenuA
GetIconInfo
FrameRect
CallNextHookEx
SetRect
RemoveMenu

Sections

.text
Size: 1024B - Virtual size: 812B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0bb1c86ccdad79d90d78d0eca9779519

Headers

File Characteristics

Imports

kernel32

msvcrt

advapi32

user32

Sections

.text Size: 1024B - Virtual size: 812B

.rdata Size: 55KB - Virtual size: 55KB

.data Size: 20KB - Virtual size: 20KB

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 1024B - Virtual size: 812B

.rdata
Size: 55KB - Virtual size: 55KB

.data
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 32KB - Virtual size: 32KB