e2edf9fd1d1c09ce44ca784df3f87f9a8aceacba99c38952cc99ebded8aa759c

Sharing

Copy URL

Twitter E-mail

General

Target

e2edf9fd1d1c09ce44ca784df3f87f9a8aceacba99c38952cc99ebded8aa759c
Size

112KB
MD5

6a8db184f0cc0f68138b2754f3020839
SHA1

793461cbe840d5483e08a0eb3e257db311c9bbf1
SHA256

e2edf9fd1d1c09ce44ca784df3f87f9a8aceacba99c38952cc99ebded8aa759c
SHA512

4f0a5d4258d38a53cc97088ca446d634be1597e8966ff637faaccf2e62891c56ed02c07920fece7b2f6f4187eab8a8b0b363bff8dd751c2633146ca0e98f3170
SSDEEP

3072:LZRLldosjMZ167PMrCBob+/Q+rYeu/VVeO4v:9JXlVgr9+Ju9+

Score

N/A

Malware Config

Signatures

Files

e2edf9fd1d1c09ce44ca784df3f87f9a8aceacba99c38952cc99ebded8aa759c
.exe windows x86

e53ba101bfb590cc31cbc715096f6933

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteConsoleA
SetFilePointer
WaitForMultipleObjects
VirtualProtect
GetModuleHandleA
Sleep
CompareStringA
GetCurrentProcess
CopyFileA
GetStartupInfoA
MultiByteToWideChar
CreateDirectoryA
SetEnvironmentVariableA
SetCurrentDirectoryA

user32

SendDlgItemMessageA
CreatePopupMenu
DefWindowProcA
SetPropA
LoadCursorA
GetWindowRect
DispatchMessageA
SetActiveWindow
PeekMessageA
SetWindowLongA
SetScrollInfo

msvcrt

log10
_XcptFilter
_initterm
_stat
wcscat
_adjust_fdiv
_except_handler3
__set_app_type
_wcsnicmp
_isctype
_wcsicmp
_setjmp
__getmainargs
__p__commode
exit
__setusermatherr
wcsstr
_beginthreadex
__p__fmode
fputs
fgetc
ungetc
_acmdln

advapi32

LookupPrivilegeValueA
RegDeleteKeyA
RegDeleteValueW
RegEnumValueW
RegFlushKey
InitializeAcl
IsValidSid
RegCloseKey
RegCreateKeyExA
InitiateSystemShutdownA
SetSecurityDescriptorOwner
RegQueryInfoKeyW

ole32

PropVariantClear
CoTaskMemRealloc
GetRunningObjectTable
OleInitialize
CoRevokeClassObject
CreateBindCtx
CoGetMalloc
CLSIDFromString
CoCreateInstance

version

VerInstallFileW
VerInstallFileA
GetFileVersionInfoSizeW
GetFileVersionInfoA
GetFileVersionInfoSizeA

comctl32

DestroyPropertySheetPage
ImageList_LoadImageW
ImageList_GetBkColor
CreatePropertySheetPageW
ImageList_SetOverlayImage
ImageList_Replace
ImageList_GetIcon
CreatePropertySheetPageA

shell32

SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
DragQueryFileA
SHBindToParent
ShellExecuteExW
SHGetDiskFreeSpaceExW
ExtractIconA
SHChangeNotify
SHGetPathFromIDList

oleaut32

SafeArrayRedim
SysStringByteLen
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayUnaccessData
SetErrorInfo

Sections

.text
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e53ba101bfb590cc31cbc715096f6933

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

advapi32

ole32

version

comctl32

shell32

oleaut32

Sections

.text Size: 75KB - Virtual size: 74KB

.data Size: 15KB - Virtual size: 15KB

.rsrc Size: 21KB - Virtual size: 20KB

.text
Size: 75KB - Virtual size: 74KB

.data
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 21KB - Virtual size: 20KB