e615111cc6b82a203f001a1ac846f6fb9752e191393339539930972f155a724e

Sharing

Copy URL Twitter E-mail

General

Target

e615111cc6b82a203f001a1ac846f6fb9752e191393339539930972f155a724e
Size

57KB
MD5

9253dc5cc78f9127299bd4c51eca242a
SHA1

486d136c742f05f3d16ce1d88cc41add7d86dfc5
SHA256

e615111cc6b82a203f001a1ac846f6fb9752e191393339539930972f155a724e
SHA512

960abd835937f884ee68ad1dabfd7f8d6aa89ac6d37c9e4e44b1b2589d45a8766a55e1db25d1741c75844e7e2c6a85931515642f498889aa0e6bdec61a810e01
SSDEEP

1536:ic+gdLv5ETz8OhKoEjXQspbK0o9zPbJZIvDEr9:9DKEjPpO0o9jF

Score

N/A

Malware Config

Signatures

Files

e615111cc6b82a203f001a1ac846f6fb9752e191393339539930972f155a724e
.exe windows x86

f730978001de23973a12a670cf00de70

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

OpenClipboard
SetClipboardData
CreateWindowExA
GetClipboardData
LoadCursorA
LoadIconA
DispatchMessageA

urlmon

CreateFormatEnumerator
RegisterFormatEnumerator
RegisterMediaTypes

kernel32

GetStringTypeW
GetStringTypeA
GetCPInfo
HeapCreate
WaitForSingleObject
WideCharToMultiByte
SetThreadLocale
GetSystemDefaultLCID
CompareStringA
GetCPInfoExA
LocalHandle
HeapDestroy
OpenSemaphoreA
GlobalUnlock
GetACP
GetModuleHandleA
GetProcAddress
VirtualAlloc
HeapReAlloc
GetLastError
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetEndOfFile
LoadLibraryA
GetOEMCP
InterlockedIncrement
InterlockedDecrement
FlushFileBuffers
SetStdHandle
CreateFileA
CloseHandle
RtlUnwind
VirtualFree
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetFullPathNameA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
EnterCriticalSection
LeaveCriticalSection
WriteFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
GetCurrentDirectoryA
GetDriveTypeA
HeapFree
HeapAlloc
InitializeCriticalSection
ReadFile

activeds

ord13

wtsapi32

WTSOpenServerA
WTSEnumerateServersA
WTSEnumerateProcessesA
WTSEnumerateSessionsA

uxtheme

GetThemeSysColor
GetThemeFilename
GetThemeInt
GetThemeMargins
GetThemeSysInt
GetCurrentThemeName
GetThemeSysBool
GetThemeSysSize
GetThemeEnumValue
ord47
GetWindowTheme
GetThemeBool
EnableThemeDialogTexture

usp10

ScriptItemize
ScriptShape
ScriptCacheGetHeight
ScriptStringAnalyse
ScriptString_pcOutChars
ScriptStringXtoCP
ScriptStringValidate
ScriptGetGlyphABCWidth
ScriptCPtoX
ScriptJustify
ScriptStringOut
ScriptStringCPtoX

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nijrph
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f730978001de23973a12a670cf00de70

Headers

File Characteristics

Imports

user32

urlmon

kernel32

activeds

wtsapi32

uxtheme

usp10

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 46KB

.nijrph Size: 19KB - Virtual size: 18KB

.rsrc Size: 512B - Virtual size: 16B

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 46KB

.nijrph
Size: 19KB - Virtual size: 18KB

.rsrc
Size: 512B - Virtual size: 16B