e48ecf2debbd31bb5700cf7709910107616e1deaad2a852833d9f7998cb90f95

Sharing

Copy URL Twitter E-mail

General

Target

e48ecf2debbd31bb5700cf7709910107616e1deaad2a852833d9f7998cb90f95
Size

114KB
MD5

29e510a5c4909baac4e47f244fb92c00
SHA1

020dbb8f61a23576dbb593d28a3bd7599a7f8a78
SHA256

e48ecf2debbd31bb5700cf7709910107616e1deaad2a852833d9f7998cb90f95
SHA512

1e55690c7de9fb6b47efd1537a6514b80a22472399da044c44f404cb32aadc6f374c3d6ebc4e0e954f6cd5949e90dfd0e9f35456b828664fc4dd8da5df1a69a2
SSDEEP

3072:E2QXWJoHcVp9I8pNbkfnw9HdBaGQg53Cz50N+WlSe:VjwM+gsl00e

Score

N/A

Malware Config

Signatures

Files

e48ecf2debbd31bb5700cf7709910107616e1deaad2a852833d9f7998cb90f95
.exe windows x86

61fdcd0a69e1e4cea037d6088e9cd360

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
HeapSize
TlsGetValue
UnhandledExceptionFilter
CreateFileW
GetProcAddress
RaiseException
DeleteCriticalSection
GetModuleHandleA
VirtualAlloc
LeaveCriticalSection
GetSystemTimeAsFileTime
GetSystemInfo
GetModuleFileNameA
ResetEvent
CreateEventW
GlobalAlloc
InitializeCriticalSection
LoadResource
CreateThread
GetACP
FreeEnvironmentStringsW
GetModuleHandleW
LoadLibraryExW
SetEvent
ReleaseMutex
LoadLibraryA
DeleteFileW
Sleep
GetOEMCP
GetStringTypeExA
GetProcessHeap
GetUserDefaultLCID
GetNumberOfConsoleMouseButtons
HeapFree
ExitProcess
VirtualFree
GetStartupInfoA

user32

IsDlgButtonChecked
TranslateMessage
MessageBoxW
GetDesktopWindow
GetFocus
PostMessageW
PostQuitMessage
LoadIconW
EndDialog
CreateWindowExA
EnableWindow
MessageBeep
GetSubMenu
DefWindowProcW
PeekMessageW
SetForegroundWindow
SetDlgItemTextW
DialogBoxParamW
LoadImageW
GetWindowTextW
CopyRect

gdi32

SetTextColor
GetCurrentObject
GetBkColor
SetWindowOrgEx
CreateFontA
StretchDIBits
SetBrushOrgEx
GetTextAlign
EnumFontFamiliesExW

advapi32

CopySid
RegEnumValueW
GetAce
CryptGetProvParam
CryptEncrypt
GetUserNameW
CryptDestroyHash
FreeSid
GetUserNameA
CryptGenKey
QueryTraceA
CryptAcquireContextA
GetCurrentHwProfileW
RegDeleteKeyW
CryptGenRandom
RegCreateKeyA
RegEnumKeyExW

ole32

OleInitialize
CoRevokeClassObject
CoGetClassObject
GetRunningObjectTable
OleGetClipboard
OleSetClipboard
HBITMAP_UserUnmarshal
StringFromCLSID
OleLoadFromStream
CoTreatAsClass
CoCreateInstanceEx
CreateFileMoniker
CoWaitForMultipleHandles
CoGetStandardMarshal
HWND_UserMarshal
DoDragDrop

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

rpcrt4

CStdStubBuffer_IsIIDSupported
RpcServerUseProtseqEpW
NdrOleFree
IUnknown_Release_Proxy
RpcBindingFromStringBindingW
IUnknown_AddRef_Proxy
NdrDllUnregisterProxy
CStdStubBuffer_CountRefs
CStdStubBuffer_Invoke
NdrServerCall2
RpcStringBindingParseW
RpcStringFreeA

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bss
Size: 7KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61fdcd0a69e1e4cea037d6088e9cd360

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

msvcrt

rpcrt4

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 17KB - Virtual size: 16KB

bss Size: 7KB - Virtual size: 4KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 17KB - Virtual size: 16KB

bss
Size: 7KB - Virtual size: 4KB

.rsrc
Size: 18KB - Virtual size: 18KB