e0be14605dd296c055300ed50c6dcba599a57b8fce6fe506563d096941bc524b

Sharing

Copy URL Twitter E-mail

General

Target

e0be14605dd296c055300ed50c6dcba599a57b8fce6fe506563d096941bc524b
Size

121KB
MD5

a1958eeeb5776935c6a90b2b796846f8
SHA1

16ad817dcc99a93a36a277a73c255e18a668bd69
SHA256

e0be14605dd296c055300ed50c6dcba599a57b8fce6fe506563d096941bc524b
SHA512

2a61b1b382298503570c7a398715f4cff41c3fd66ed28fd7f7059e173a207fd9085390e7ab61ee74860f3cb60cac6d119889047f6b12713e2eb2811b2ff0a15f
SSDEEP

3072:9Z8GzDjc7wcLMiqG3ZBcH1Kp73zxAsJxPY:9KwcL38e73e6

Score

N/A

Malware Config

Signatures

Files

e0be14605dd296c055300ed50c6dcba599a57b8fce6fe506563d096941bc524b
.exe windows x86

d8a3e81b482ef0df10ac518713b69453

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetCPInfo
VirtualProtect
CreateProcessA
UnhandledExceptionFilter
CreateFileMappingA
SystemTimeToFileTime
GetModuleHandleA
DeleteFileA
SetFileAttributesA
GetStartupInfoA
GetEnvironmentVariableA
GetOEMCP
GetTickCount

msvcrt

_stat
exit
__getmainargs
log
getenv
__p__fmode
_XcptFilter
_except_handler3
__mb_cur_max
_initterm
strchr
strncat
_acmdln
atof
fprintf
__p__commode
_adjust_fdiv
__CxxFrameHandler
__set_app_type
__p___initenv
_strlwr
__setusermatherr

user32

UpdateWindow
DrawEdge
GetTopWindow
TranslateMessage

advapi32

OpenThreadToken
RegCreateKeyExW
RegCreateKeyExA
RegCreateKeyA
RegEnumKeyExW
RegEnumKeyExA
EqualSid
RegDeleteValueW
DeleteService
OpenSCManagerA
FreeSid
LookupPrivilegeValueW
OpenProcessToken

ole32

RevokeDragDrop
CoTaskMemRealloc
CoInitialize
CoFreeUnusedLibraries
CoInitializeSecurity
CoLoadLibrary
CoCreateGuid
CoGetMalloc
CoRegisterMessageFilter
OleRun

comctl32

ImageList_Remove
CreateStatusWindowA
ImageList_EndDrag
ImageList_Create
ImageList_LoadImageA

shell32

ExtractIconExW
SHFileOperationA
DragAcceptFiles
FindExecutableW
SHGetFolderLocation
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetDiskFreeSpaceExW

gdi32

ScaleWindowExtEx
GetOutlineTextMetricsA
PlayEnhMetaFile
GetTextExtentPointW
PolylineTo
CreateRoundRectRgn
GetPixel
SetBrushOrgEx
CopyMetaFileA

oleaut32

SafeArrayGetElement
SysAllocStringLen
VariantCopy
SysAllocStringByteLen
VariantClear
SafeArrayCreate
SafeArrayRedim
VariantCopyInd
SysStringByteLen

version

VerInstallFileW
GetFileVersionInfoSizeA
VerLanguageNameA
VerInstallFileA
VerQueryValueW

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8a3e81b482ef0df10ac518713b69453

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

ole32

comctl32

shell32

gdi32

oleaut32

version

Sections

.text Size: 50KB - Virtual size: 50KB

.data Size: 41KB - Virtual size: 41KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 50KB - Virtual size: 50KB

.data
Size: 41KB - Virtual size: 41KB

.rsrc
Size: 28KB - Virtual size: 28KB