e0a5dc0f40229e673315b545b3759f1e9f33b1564b30c22fc86614245f1b1936

Sharing

Copy URL Twitter E-mail

General

Target

e0a5dc0f40229e673315b545b3759f1e9f33b1564b30c22fc86614245f1b1936
Size

757KB
MD5

a2044da9ab12f11f954a60b615ea8620
SHA1

28fd7c1e94b8ce63bd84e753f93f136c38f70f0d
SHA256

e0a5dc0f40229e673315b545b3759f1e9f33b1564b30c22fc86614245f1b1936
SHA512

0bd207e40998ee3198c7c6eee27f464df631935441ca4240a9afecef684c552e554920812cd2dae7f0c076d22a9a71b4b9a7eb01a6d9dbbd075381a3e5f7fa3a
SSDEEP

12288:I9ie599ql7DhFuxKQ7Sf1fZE767fzK4kC9gAmzYbQKSlr0vsyrwuO:I4e5jUxKK/q7Su1sQJJOL1

Score

N/A

Malware Config

Signatures

Files

e0a5dc0f40229e673315b545b3759f1e9f33b1564b30c22fc86614245f1b1936
.exe windows x86

4cad39d48a82ef9c841a09888a300506

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsProcessorFeaturePresent
GlobalGetAtomNameA
GetSystemWindowsDirectoryA
FindNextVolumeA
SetCalendarInfoW
DebugActiveProcess
GetDateFormatW
GetShortPathNameA
WaitForMultipleObjectsEx
SetCurrentDirectoryW
SystemTimeToTzSpecificLocalTime
SetVolumeMountPointW
GetDiskFreeSpaceA
GetAtomNameA
_lclose
GetTempPathW
GetModuleFileNameW
RtlUnwind
OpenFile
_lwrite
OpenSemaphoreA
CancelDeviceWakeupRequest
FormatMessageA
GetCurrentThread
CreateDirectoryExW
lstrcatA
DuplicateHandle
GlobalHandle
GetFileTime
GetPrivateProfileIntW
SetLastError
OpenWaitableTimerA
GetEnvironmentVariableW
MulDiv
GetWriteWatch
SizeofResource
Process32NextW
GetExitCodeThread
ReplaceFileA
GetStartupInfoW
CreateFileMappingW
CompareFileTime
IsDBCSLeadByteEx
RequestWakeupLatency
ResetEvent
MoveFileExA
LocalFlags
InterlockedCompareExchange
GetPrivateProfileSectionW
SearchPathW
InterlockedIncrement
CommConfigDialogW
CancelIo
MultiByteToWideChar
GetUserDefaultLCID
GetOverlappedResult
OpenWaitableTimerW
GetCommTimeouts
GetProcessTimes
GetLongPathNameW
SetEvent
DeleteFileW
WaitNamedPipeA
OpenEventW
WaitForSingleObject
CreateFileA
SetTapeParameters
EnumLanguageGroupLocalesW
GetTempFileNameW
OpenFileMappingW
WritePrivateProfileStringW
WritePrivateProfileStructW
GetLogicalDriveStringsW
SetStdHandle
SystemTimeToFileTime
lstrcpyW
SetProcessPriorityBoost
GetStringTypeA
LocalAlloc
GetProfileStringW
GetDiskFreeSpaceW
SetHandleCount
SetWaitableTimer
FlushViewOfFile
GetAtomNameW
SetNamedPipeHandleState
CreateWaitableTimerW
SetEnvironmentVariableA
GetCPInfo
MapViewOfFileEx
ResumeThread
GetDateFormatA
CreateSemaphoreW
DeviceIoControl
WriteProfileSectionA
LocalReAlloc
GetFileAttributesA
InterlockedExchange
InterlockedDecrement

user32

DispatchMessageW
CheckRadioButton
DialogBoxParamW
PeekMessageW
DrawMenuBar
DrawTextW
DestroyWindow
MoveWindow
GetSystemMetrics
ReleaseDC
FrameRect
EndPaint
AllowSetForegroundWindow
PostMessageW
LoadStringA
CheckDlgButton
LoadBitmapW
GetDesktopWindow
CreateWindowExW
wsprintfW
InvalidateRect
GetDC
UnionRect
IsIconic
GetDlgItem
OffsetRect
GetDlgItemTextW
SendMessageW
WaitMessage
TranslateAcceleratorW
GetWindowRect
ShowWindow
GetMessageW
MessageBoxA
LoadCursorW
GetClientRect
UpdateWindow
WinHelpW
LoadAcceleratorsW
LoadIconW
GetForegroundWindow
SetDlgItemTextW
DefWindowProcW
ReleaseCapture
MessageBoxW
GetSubMenu
PtInRect
InvertRect
RegisterClassW
BeginPaint
GetWindowPlacement
IntersectRect
FillRect
IsDlgButtonChecked
SetRect
EndDialog
IsZoomed
GetMenu
EnableMenuItem
SetCapture

comctl32

InitCommonControlsEx

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW

shlwapi

PathAppendA
PathCanonicalizeA

Sections

.text
Size: 243KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 644KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4cad39d48a82ef9c841a09888a300506

Headers

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

shlwapi

Sections

.text Size: 243KB - Virtual size: 243KB

.data Size: 280KB - Virtual size: 644KB

.rdata Size: 28KB - Virtual size: 27KB

.rsrc Size: 196KB - Virtual size: 195KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 243KB - Virtual size: 243KB

.data
Size: 280KB - Virtual size: 644KB

.rdata
Size: 28KB - Virtual size: 27KB

.rsrc
Size: 196KB - Virtual size: 195KB

.reloc
Size: 8KB - Virtual size: 8KB