e61c295caf310941a4ad8392bbd836d6adddd1ed152c052b04ac25bf4b47e049

Sharing

Copy URL

Twitter E-mail

General

Target

e61c295caf310941a4ad8392bbd836d6adddd1ed152c052b04ac25bf4b47e049
Size

336KB
MD5

73c425564305322902888d0d2fb0de00
SHA1

19f223f0d003a1a6c6875d6d84488f3c672ca34d
SHA256

e61c295caf310941a4ad8392bbd836d6adddd1ed152c052b04ac25bf4b47e049
SHA512

49a7c6d2792dcafb7abc75666a4479ce794328ae93357e9c9d556c6a5536677e04ec5bec000c9870ad7b1e6e14a91fe1ec7b8090696ef8fba7ba1dbcac2b96e8
SSDEEP

6144:17HNUql+BvQ/bQ5XLvy6YrWBo/q3ezGwOdSkkR8oQnol:BHNTlm8Q5XxYrWi/qhlAR8t

Score

N/A

Malware Config

Signatures

Files

e61c295caf310941a4ad8392bbd836d6adddd1ed152c052b04ac25bf4b47e049
.exe windows x86

ef77aedd84f9c50a0d0fec94d805890f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetUserNameA
CryptHashSessionKey
GetUserNameW
CryptDuplicateHash
RegConnectRegistryA
CryptExportKey
CryptGenRandom
RegQueryInfoKeyA
DuplicateToken
StartServiceW
ReportEventW
RegFlushKey
RegQueryMultipleValuesA
RegRestoreKeyW

shell32

ShellExecuteEx
DoEnvironmentSubstW
DragQueryFileA
ExtractIconExW
ExtractAssociatedIconExW

wininet

InternetGetConnectedStateExW
InternetInitializeAutoProxyDll
InternetGetConnectedState

user32

SetWindowsHookW
SetClipboardViewer
AppendMenuW
SetClipboardData
DdeGetLastError
GetKeyboardState
UnregisterHotKey
GetClassInfoExW
LoadKeyboardLayoutA
CharToOemW
SetProcessDefaultLayout
CreateMDIWindowW
SetActiveWindow
GetWindowThreadProcessId
WINNLSGetIMEHotkey
MessageBoxW
CallNextHookEx
GetMenuItemInfoW
CheckRadioButton
EnableWindow
GetUserObjectInformationW
AdjustWindowRectEx
SetForegroundWindow
GetIconInfo
GetWindow
IsRectEmpty
RegisterClassExA
OpenDesktopW
GetClassInfoW
DestroyWindow
FreeDDElParam
GetTopWindow
EndDialog
GetActiveWindow
CountClipboardFormats
GetWindowTextLengthW
CallMsgFilterW
GetSysColorBrush
GetThreadDesktop
CreateIconFromResourceEx
RegisterClassA
DefWindowProcW
CharLowerBuffW
BroadcastSystemMessageW
MonitorFromRect
ShowWindow
MessageBeep
DragDetect
CharToOemA
CreateWindowExW

kernel32

GetModuleHandleA
InterlockedDecrement
TlsFree
OpenFileMappingW
LCMapStringA
WideCharToMultiByte
CreateFileMappingW
FreeEnvironmentStringsA
RaiseException
VirtualQuery
GetSystemDirectoryW
OpenWaitableTimerW
GetLogicalDriveStringsA
VirtualAlloc
ReadFileEx
GetTickCount
GetModuleFileNameA
TlsSetValue
DosDateTimeToFileTime
InterlockedIncrement
UnhandledExceptionFilter
LoadLibraryA
GetTimeFormatA
HeapReAlloc
SetFilePointer
EnumTimeFormatsA
SetPriorityClass
HeapAlloc
SetEnvironmentVariableA
InterlockedExchange
SetSystemTime
GetAtomNameA
GetOEMCP
WriteFileEx
SetEnvironmentVariableW
CreateEventW
GetCurrentDirectoryW
GlobalFree
RtlUnwind
FlushFileBuffers
GetCompressedFileSizeA
GetStringTypeW
GetFileTime
GetPrivateProfileSectionW
GetCurrentProcess
DeleteCriticalSection
SetFileAttributesW
WriteConsoleInputW
EnumDateFormatsA
GetStringTypeA
QueryPerformanceCounter
SetUnhandledExceptionFilter
SetLastError
AddAtomA
VirtualUnlock
GetLocaleInfoW
GetProcessHeaps
GetACP
GetVersionExW
GetWindowsDirectoryW
ReadFile
GetSystemDefaultLCID
GetVolumeInformationW
GetFileSize
GetCPInfo
GetLocaleInfoA
GlobalCompact
GetLastError
SetStdHandle
HeapFree
FoldStringA
ReadConsoleOutputCharacterA
CloseHandle
OpenMutexA
SetFileTime
FreeEnvironmentStringsW
SetHandleCount
HeapDestroy
GetFileType
HeapCreate
CompareStringW
ExitProcess
GetCurrentThread
GetCalendarInfoA
GetEnvironmentStrings
GetProcAddress
InitializeCriticalSection
CompareStringA
GetTimeZoneInformation
DeleteFileA
LCMapStringW
FillConsoleOutputCharacterA
TlsGetValue
GetSystemTimeAsFileTime
VirtualQueryEx
ReleaseSemaphore
GetStartupInfoA
PulseEvent
InitializeCriticalSectionAndSpinCount
TlsAlloc
SetVolumeLabelW
LeaveCriticalSection
EnumSystemCodePagesA
GetLocalTime
MultiByteToWideChar
GetEnvironmentStringsW
GetFileAttributesExA
ReadConsoleOutputW
EnterCriticalSection
WriteFile
WriteProfileStringA
TerminateProcess
TerminateThread
GetSystemTime
GetCommandLineA
GetStdHandle
OpenFileMappingA
InterlockedCompareExchange
VirtualFree
GetLogicalDriveStringsW
GetCurrentProcessId
GetVersion
FindResourceW
CreateMutexA
SetThreadIdealProcessor
IsBadWritePtr
DebugBreak
GetCurrentThreadId

comctl32

ImageList_GetImageInfo
ImageList_Write
ImageList_SetFlags
ImageList_LoadImage
CreateToolbar
ImageList_Merge
ImageList_Copy
ImageList_Remove
MakeDragList
CreatePropertySheetPage
ImageList_GetIcon
DrawInsert
ImageList_DragEnter
ImageList_Replace
InitCommonControlsEx
CreateUpDownControl
InitMUILanguage
ImageList_SetIconSize
ImageList_GetDragImage
ImageList_DragMove
ImageList_Destroy
ImageList_SetDragCursorImage
ImageList_DrawEx
ImageList_AddIcon

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef77aedd84f9c50a0d0fec94d805890f

Headers

File Characteristics

Imports

advapi32

shell32

wininet

user32

kernel32

comctl32

Sections

.text Size: 112KB - Virtual size: 111KB

.rdata Size: 72KB - Virtual size: 69KB

.data Size: 92KB - Virtual size: 105KB

.rsrc Size: 56KB - Virtual size: 54KB

.text
Size: 112KB - Virtual size: 111KB

.rdata
Size: 72KB - Virtual size: 69KB

.data
Size: 92KB - Virtual size: 105KB

.rsrc
Size: 56KB - Virtual size: 54KB