e9a4009561510d33e048c0f42b19837bbe530afd7d5d0e24802be4f928a58e44

General

Target

e9a4009561510d33e048c0f42b19837bbe530afd7d5d0e24802be4f928a58e44
Size

120KB
MD5

60cdc311214c3f1c31b4c6ffb50b1f40
SHA1

5db2dbb810651c61a9769c1c7ee4f38d4135379b
SHA256

e9a4009561510d33e048c0f42b19837bbe530afd7d5d0e24802be4f928a58e44
SHA512

4843817b89a5b0a526bd0480924e41ff66ddbf06624240c81f97725e0652963702389eac5974131b54f5a31eb1c607b385389785410cc93db37f391dfbf8ac03
SSDEEP

1536:Xp2V9yPcSt4K7c6oguF35SJEZJwTjmFUhXsx07mz6JKb3F/3TwtzC8b/kXtNtE48:X2DW4K7c6sFee8Nyamz6JKrF/jmz/wQf

Score

N/A

Malware Config

Signatures

Files

e9a4009561510d33e048c0f42b19837bbe530afd7d5d0e24802be4f928a58e44
.exe windows x86

99c938417d608cb0a8e02def5520fc66

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
WriteProcessMemory
OpenProcess
HeapReAlloc
HeapAlloc
ReadProcessMemory
WaitForSingleObject
GetProcessHeap
HeapFree
OpenSemaphoreA
CloseHandle
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
LCMapStringW
GetStringTypeW
MultiByteToWideChar
ReleaseSemaphore
LCMapStringA
LoadLibraryA
GetProcAddress
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetOEMCP
VirtualFree
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
RtlUnwind
WriteFile
VirtualAlloc
GetCPInfo
GetACP

user32

CloseWindow
ShowWindow
CreateWindowExA
GetClassInfoA
GetWindowLongA
RegisterClassA
FindWindowA
DefWindowProcA

gdi32

StartDocA
StartPage
SelectObject
EndDoc
GetTextMetricsA
TextOutA
StretchDIBits
CreatePen
DeleteObject
CreateFontIndirectA
GetTextExtentPointA
GetDeviceCaps
CreateDCA
SetStretchBltMode
SetBkMode
DeleteDC
MoveToEx
LineTo
SetTextColor
EndPage

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

99c938417d608cb0a8e02def5520fc66

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 92KB - Virtual size: 92KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 92KB - Virtual size: 92KB