e579d527ff373d1002a3d357e44144724400b72d34a5470fa929d512b08bb48b

Sharing

Copy URL Twitter E-mail

General

Target

e579d527ff373d1002a3d357e44144724400b72d34a5470fa929d512b08bb48b
Size

190KB
MD5

711f1a95946e2b55b53a9fe69caf3ed0
SHA1

cd54390c190f2518a2e7a8975c14789cdbff6d7e
SHA256

e579d527ff373d1002a3d357e44144724400b72d34a5470fa929d512b08bb48b
SHA512

4fbb5de686a42f04b76d3000e63475d88052e3fb0dab36de029a476776a8c82ece13d19f992ebabf136d68b94c88c8cda01556d78f28364e57b2becd0c23d6eb
SSDEEP

3072:XYBGUjDROuccJNZLw4/nWzeo6QpIMl94RwCdOGpYQkwJb6xLjB94Y3gFWE4Bm8ne:XCGUBOucQNlwozVkfB6OpWb65jB9TgFp

Score

N/A

Malware Config

Signatures

Files

e579d527ff373d1002a3d357e44144724400b72d34a5470fa929d512b08bb48b
.exe windows x86

b24486a0f67049c50e90cce06e0f3d09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnlockFileEx
DeleteFileA
LockFileEx
GetModuleHandleA
GetTempPathA
InterlockedExchange
Sleep
InterlockedCompareExchange
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
GetProcAddress
FormatMessageA
LocalFree
FreeLibrary
WideCharToMultiByte
GetCurrentThread
GetFileAttributesA
CloseHandle
VirtualFree
ReadFile
WriteFile
CreateFileA
GetLastError
VirtualAlloc

advapi32

AccessCheck
GetFileSecurityA
RevertToSelf
ImpersonateSelf
OpenThreadToken
MapGenericMask

mpr

WNetAddConnection2A
WNetCancelConnection2A

user32

GetKeyboardLayout
IsCharAlphaNumericA
ClientToScreen
SetWindowLongW
SetWindowWord
DestroyCursor
KillTimer
DlgDirListW
DdeCreateDataHandle
SetWindowLongA
OpenDesktopW
EnumChildWindows
GetReasonTitleFromReasonCode
GetClipCursor
GetAltTabInfoA
InvertRect
GetKBCodePage
CreateDialogParamW
LoadStringW
DrawFrameControl
SwitchDesktop
PrivateExtractIconExW
CreateDialogIndirectParamW
GetWindowLongA
ChildWindowFromPoint
GetCapture
GetMenuItemInfoW
wsprintfW
SetCaretBlinkTime
ModifyMenuA
CharToOemA
RealGetWindowClass
CountClipboardFormats
TranslateMessageEx
LockWindowUpdate
DdeFreeDataHandle
MapWindowPoints
DdeQueryStringW
AdjustWindowRect
GetKeyboardLayoutList
GetWindowTextLengthW
IsCharUpperW
CharToOemW
DdeCreateStringHandleA
CreateDialogParamA
MapVirtualKeyExA
SetClassWord
EnterReaderModeHelper
SendInput
GetFocus
DestroyAcceleratorTable
EnumDisplayDevicesW
MessageBeep
SetClassLongA
BroadcastSystemMessageA
ClipCursor

msls31

LsCompressSubline
LsdnFinishDeleteAll
LsPointUV2FromPointUV1
LssbFIsSublineEmpty
LsdnSkipCurTab
LsAppendRunToCurrentSubline
LsdnQueryPenNode

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 155KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b24486a0f67049c50e90cce06e0f3d09

Headers

File Characteristics

Imports

kernel32

advapi32

mpr

user32

msls31

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 3KB - Virtual size: 5KB

.data Size: 155KB - Virtual size: 1.2MB

.bss Size: 8KB - Virtual size: 8KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 3KB - Virtual size: 5KB

.data
Size: 155KB - Virtual size: 1.2MB

.bss
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 5KB - Virtual size: 4KB