eeb91b36455c3f3dbf84de3cf09ad2ea46828d0fa1e2cbc0f77c0b6c8cf33204

Sharing

Copy URL Twitter E-mail

General

Target

eeb91b36455c3f3dbf84de3cf09ad2ea46828d0fa1e2cbc0f77c0b6c8cf33204
Size

143KB
MD5

781679410040750c28701f6510e8f686
SHA1

a0dced200e3a91b5130c158eee07d76e708e56cf
SHA256

eeb91b36455c3f3dbf84de3cf09ad2ea46828d0fa1e2cbc0f77c0b6c8cf33204
SHA512

ed6949258e5ffa5989add49f7aeb6068a762d826c3d6eef72e86593727925eccd8d5abf2141d83a2ad6fd0bdc69d208912496b32f4deb2d8435cc7cde0589f19
SSDEEP

3072:kEA6kEAPEATpVBJBGmEOOmB3ts+RqK1uJTVroqCPCX7ID0yeBByqJ:AntNPJBYOO+3t7O3Eq17O0yeBo2

Score

N/A

Malware Config

Signatures

Files

eeb91b36455c3f3dbf84de3cf09ad2ea46828d0fa1e2cbc0f77c0b6c8cf33204
.exe windows x86

34b42cbbbb904138941550ed6982acb9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FormatMessageW
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RtlUnwind
TerminateProcess
GetCurrentProcess
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
GetModuleHandleA
GetCurrentThreadId
HeapDestroy
HeapCreate
VirtualFree
WriteFile
HeapFree
HeapAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
WaitForSingleObject
GetProcAddress
LoadLibraryA
SetFilePointer
SetStdHandle
FlushFileBuffers
CloseHandle
GetLocalTime
UnhandledExceptionFilter
GetModuleFileNameW
SetHandleCount
OutputDebugStringW
GetCommandLineW
GetTempPathW
GetTempFileNameW
DeleteFileW
CreateProcessW
GetLastError
GetFileType
GetStdHandle
VirtualAlloc
GlobalHandle
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock

user32

MessageBoxW
LoadStringW

shell32

CommandLineToArgvW
FindExecutableW

ole32

StgOpenStorage

faxtiff

TiffClose
TiffCreate
TiffEndPage
TiffStartPage
TiffWriteRaw
FaxTiffInitialize

gdi32

GdiSetBatchLimit
SelectObject
CreateDIBSection
DeleteDC
CreateCompatibleDC
CreateICA
DeleteObject
BitBlt
CreateCompatibleBitmap
CreatePatternBrush
SetBitmapBits
PatBlt
CreateBitmap

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 15KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

34b42cbbbb904138941550ed6982acb9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

ole32

faxtiff

gdi32

Sections

.text Size: 64KB - Virtual size: 64KB

.data Size: 15KB - Virtual size: 20KB

.rsrc Size: 2KB - Virtual size: 4KB

.bdata Size: 60KB - Virtual size: 60KB

.text
Size: 64KB - Virtual size: 64KB

.data
Size: 15KB - Virtual size: 20KB

.rsrc
Size: 2KB - Virtual size: 4KB

.bdata
Size: 60KB - Virtual size: 60KB