e248ba9f331f33d7cec6b6520ad6261a67702516c71b9e6c6d4d3af781dd397c

Sharing

Copy URL Twitter E-mail

General

Target

e248ba9f331f33d7cec6b6520ad6261a67702516c71b9e6c6d4d3af781dd397c
Size

212KB
MD5

7448f4721ec161b3075acf3e095d05f0
SHA1

be1e81d3ca174f868db821aad9077f973536114d
SHA256

e248ba9f331f33d7cec6b6520ad6261a67702516c71b9e6c6d4d3af781dd397c
SHA512

cd1fa0620b391bbf2a0aad75d499a1fa1db16662fd389e32a1e105f83d23cc7ea53cd45048cb18d73c73f459941af469c7d8b00a9965d9f0b881dc5dc03b67b6
SSDEEP

6144:1X/sfbBsg/wEnirNp5rJSdjniIyRNhaul23BSaEtnni3:V/sf2gVnudSdbiIoVi3

Score

N/A

Malware Config

Signatures

Files

e248ba9f331f33d7cec6b6520ad6261a67702516c71b9e6c6d4d3af781dd397c
.exe windows x86

c89e3da0ad66f9a4f802b0b8a97dddd6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetLastError
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
CreateThread
LCMapStringW
WideCharToMultiByte
LCMapStringA
lstrcmpiW
GetStringTypeA
GetLocaleInfoA
InitializeCriticalSection
LoadLibraryA
WaitForMultipleObjects
WaitForSingleObject
SetEvent
CloseHandle
CreateEventW
GetStringTypeW
HeapAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
HeapFree
GetVersionExA
GetProcessHeap
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
Sleep
HeapSize
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId

user32

PostMessageW
DestroyWindow
DefWindowProcW
RegisterDeviceNotificationW
PostQuitMessage
UnregisterDeviceNotification
CreateWindowExW
GetMessageW
DispatchMessageW
TranslateMessage
LoadIconW
LoadCursorW
RegisterClassExW

gdi32

GetStockObject

advapi32

RegisterServiceCtrlHandlerExW
OpenServiceW
DeleteService
OpenSCManagerW
CreateServiceW
CloseServiceHandle
SetServiceStatus
StartServiceCtrlDispatcherW

ole32

StringFromCLSID
CoTaskMemFree

winmm

mixerSetControlDetails
mixerGetLineInfoW
mixerGetLineControlsW
mixerOpen
mixerGetDevCapsW
mixerGetNumDevs
mixerGetControlDetailsW
mixerClose

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PACK
Size: 148KB - Virtual size: 392KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c89e3da0ad66f9a4f802b0b8a97dddd6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

winmm

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 1KB

PACK Size: 148KB - Virtual size: 392KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 1KB

PACK
Size: 148KB - Virtual size: 392KB