edaaf915aee19b52f4c72d0e00e88cfdb744ec3c11764bee37cb6ee9fb9071e7

Sharing

Copy URL Twitter E-mail

General

Target

edaaf915aee19b52f4c72d0e00e88cfdb744ec3c11764bee37cb6ee9fb9071e7
Size

220KB
MD5

5d3d4c2e0e6ee22f2ae1e4f17f27b4aa
SHA1

e450376357604ad1e206a63318450d5b4e7b3057
SHA256

edaaf915aee19b52f4c72d0e00e88cfdb744ec3c11764bee37cb6ee9fb9071e7
SHA512

aad1bafe4be6b037c4bd9bace692980c63fd26b1d6c26d333d306979c883dc88ecff39d13e1000e1d0d118b7e7134bf62013b4d99b9d807b159ada501c442d4c
SSDEEP

3072:ljjjjjjjjjBCRvhAPSydX+7QikfP7+eTJkRfR5gldjqAG:vCAqM+7Qik37+akReoA

Score

N/A

Malware Config

Signatures

Files

edaaf915aee19b52f4c72d0e00e88cfdb744ec3c11764bee37cb6ee9fb9071e7
.exe windows x86

6153f3feda16b68e57124f95eabfc982

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetCPInfo
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceA
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileSize
GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetVersionExA
HeapAlloc
HeapCreate
FreeEnvironmentStringsW
HeapFree
HeapReAlloc
InterlockedExchange
IsDBCSLeadByteEx
LCMapStringA
LCMapStringW
LoadLibraryA
MapViewOfFile
MultiByteToWideChar
ReleaseMutex
RtlUnwind
SetHandleCount
SetUnhandledExceptionFilter
SystemTimeToFileTime
TerminateProcess
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte
lstrcmpA
lstrcmpiA
lstrcpynA
FreeEnvironmentStringsA
ExitProcess
DeleteFileA
CreateFileMappingA
CreateDirectoryA
VirtualAlloc
GetCurrentProcess
GetStartupInfoW
GlobalAlloc
GetWindowsDirectoryA
lstrcatA
HeapDestroy
CreateFileA

user32

LoadCursorA
ReleaseDC
MessageBoxA
GetFocus
SetCaretPos
GetDC
CreateCaret
ShowCaret
DefWindowProcA
LoadIconW
GetSystemMetrics
GetSysColor

gdi32

GetStockObject
GetTextMetricsA
SelectObject

advapi32

RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey
RegEnumKeyExA
RegOverridePredefKey
RegQueryInfoKeyA

msvcrt

memcpy
free

Sections

.text
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6153f3feda16b68e57124f95eabfc982

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Sections

.text Size: 173KB - Virtual size: 172KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 512B - Virtual size: 268B

.rsrc Size: 33KB - Virtual size: 32KB

.text
Size: 173KB - Virtual size: 172KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 512B - Virtual size: 268B

.rsrc
Size: 33KB - Virtual size: 32KB