e04f6b80a45397ca513a2ccc6ca3da573c34d268e573a4e16539338ca713c7e5

General

Target

e04f6b80a45397ca513a2ccc6ca3da573c34d268e573a4e16539338ca713c7e5
Size

275KB
MD5

693ab4ed3a854a61dd5eebbaf06f0820
SHA1

fad1c550f829984d958247f23d2bd29ae576fdfd
SHA256

e04f6b80a45397ca513a2ccc6ca3da573c34d268e573a4e16539338ca713c7e5
SHA512

a6f153ea71da69a63d517a980766a9104bb969e170208e433a9019ddc6275efda4a1b9e1dc7d1d35eef6eaa05314b72efadf65a1f95b461ddcdfc63b7d776978
SSDEEP

6144:UQ2nC4yUhuxYt5PqBVj1mSEJ8lgrNZMwtTpIslC0Pa:XCpthYglW27B15Pa

Score

N/A

Malware Config

Signatures

Files

e04f6b80a45397ca513a2ccc6ca3da573c34d268e573a4e16539338ca713c7e5
.exe windows x86

fe7b46d3c6902d18c51303dfe4fbe0ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

EqualPrefixSid
RegOpenKeyExA
RegNotifyChangeKeyValue
RegQueryValueExA
CreatePrivateObjectSecurityEx
RegGetKeySecurity
RegCloseKey
SystemFunction006

kernel32

GetProcAddress
TlsGetValue
VirtualQuery
InterlockedDecrement
MultiByteToWideChar
IsValidCodePage
GetLastError
IsDBCSLeadByteEx
ExitProcess
GetThreadLocale
FreeLibrary
InitializeCriticalSection
VirtualFree
InterlockedIncrement
DeleteCriticalSection
EnterCriticalSection
CreateEventA
CloseHandle
InterlockedExchange
LoadLibraryA
SetEvent
GetModuleHandleA
GetACP
VirtualAlloc
LeaveCriticalSection

msvcrt

wcschr
fwrite
bsearch
free
vfwprintf
strcpy
_isctype
fflush
strcmp
sprintf
strncmp
__p__commode
fputwc
wcslen
realloc
fputc
strtoul
memmove
_vsnwprintf
_vsnprintf
vsprintf
getenv
atoi
fgets
_strnicmp
setlocale
_stricmp
strstr
strlen
qsort
memcpy
strchr
_iob
putc
strcspn
tolower
_errno
fclose
abort
localeconv
__dllonexit
strncpy

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe7b46d3c6902d18c51303dfe4fbe0ee

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

Sections

.text Size: 144KB - Virtual size: 144KB

.data Size: 71KB - Virtual size: 71KB

.rdata Size: 8KB - Virtual size: 8KB

.bss Size: - Virtual size: 4KB

.idata Size: 17KB - Virtual size: 17KB

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 144KB - Virtual size: 144KB

.data
Size: 71KB - Virtual size: 71KB

.rdata
Size: 8KB - Virtual size: 8KB

.bss
Size: - Virtual size: 4KB

.idata
Size: 17KB - Virtual size: 17KB

.rsrc
Size: 32KB - Virtual size: 32KB