e7091ccdb4e49213fcaf2626539ed0b91bc844558dae8a14fd395b34f04802bf

Sharing

Copy URL Twitter E-mail

General

Target

e7091ccdb4e49213fcaf2626539ed0b91bc844558dae8a14fd395b34f04802bf
Size

189KB
MD5

7c5f5aa3ac63836b0f4821cb83fbad80
SHA1

49c7cd391c6612d8f1c1293e5eb007af97ba16f6
SHA256

e7091ccdb4e49213fcaf2626539ed0b91bc844558dae8a14fd395b34f04802bf
SHA512

b9102ea664094d1a643d2d65f0127355ce4bf76da3d34d456711a751b45188717cd60df78f7f3469582cf6073d7d1b20b16b3126f617c9939dedf7242dd5a0ef
SSDEEP

3072:lQ3wiiqizatpTGH2BBUSX8Cawhim3BX05yIWnBO:lEwiiqTPMCZhLoWBO

Score

N/A

Malware Config

Signatures

Files

e7091ccdb4e49213fcaf2626539ed0b91bc844558dae8a14fd395b34f04802bf
.exe windows x86

38b9671a9200a096ebc7ce078fa2b4f9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualLock
VirtualQuery
CreateFileW
ReadFile
lstrlenW
lstrcmpiW
OpenEventW
SetEvent
GetModuleHandleW
LoadLibraryExW
GetProcAddress
GetSystemTimeAsFileTime
HeapAlloc
LoadLibraryW
InterlockedIncrement
InterlockedDecrement
HeapFree
GetProcessTimes
HeapSetInformation
SetDllDirectoryW
GetCommandLineW
TerminateProcess
GetLastError
FreeLibrary
GetCurrentProcessId
SetLastError
GetModuleFileNameW
CloseHandle
LocalFree
GetSystemDirectoryW
LocalAlloc
SetProcessWorkingSetSize
GetProcessWorkingSetSize
VirtualFree
VirtualAlloc
GetCurrentProcess
GetProcessHeap
GetVersionExW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind

advapi32

RegQueryValueExW
RegOpenKeyExW
EnableTrace
StartTraceW
TraceEvent
UnregisterTraceGuids
RegisterTraceGuidsW
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
RegCloseKey

shell32

SHGetFolderPathW
CommandLineToArgvW

shlwapi

SHGetValueW
PathFindFileNameW
StrStrW
PathCombineW

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

38b9671a9200a096ebc7ce078fa2b4f9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

shlwapi

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 3KB

.CRT Size: 512B - Virtual size: 4B

.rsrc Size: 96KB - Virtual size: 96KB

.reloc Size: 69KB - Virtual size: 72KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 4B

.rsrc
Size: 96KB - Virtual size: 96KB

.reloc
Size: 69KB - Virtual size: 72KB