ecbea77301c31ce7dce2b3a6ae4f2358ae4508deb861dc83f86450a8ae0d7666

Sharing

Copy URL Twitter E-mail

General

Target

ecbea77301c31ce7dce2b3a6ae4f2358ae4508deb861dc83f86450a8ae0d7666
Size

498KB
MD5

4c30c19b8d7ddd1de7422f549dce20e1
SHA1

62afe7536d28d7d696db69f44601394ee7c636d0
SHA256

ecbea77301c31ce7dce2b3a6ae4f2358ae4508deb861dc83f86450a8ae0d7666
SHA512

305b981023c089d6de49173402bf297f24e8d75132234f973a216ee6ee16c4733b8a1eb6ed4a8bb9363aa1d942e9714220f3d679756b41c8d9f3f2c42efaeedd
SSDEEP

12288:xRhyTTO5w7ZeyH0aNtQWVHVWtqjzqUArDy0BiP9BJ:PwFJLQWVHVFjz5

Score

N/A

Malware Config

Signatures

Files

ecbea77301c31ce7dce2b3a6ae4f2358ae4508deb861dc83f86450a8ae0d7666
.exe windows x86

0aae4e78a851c0a7bae1cde067d38aea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

kernel32

FindFirstFileA
CreateFileA
GetFileSize
CreateMutexW
FindFirstFileW
SetFilePointer
WritePrivateProfileStructA
GetLocaleInfoA
VirtualQuery
InterlockedIncrement
MoveFileExW
InterlockedDecrement
CreateDirectoryW
WaitForSingleObject
InterlockedCompareExchange
OutputDebugStringW
GetWindowsDirectoryA
WriteFile
InitializeCriticalSection
WideCharToMultiByte
Sleep
GetVersionExW
GetFileAttributesW
ReadFile
GetModuleFileNameW
CreateFileW
GetACP
MultiByteToWideChar
GetLastError
GetCurrentDirectoryW
GetThreadLocale
FindClose
GetPrivateProfileStringA
GetLocalTime
RemoveDirectoryW
GetPrivateProfileStructA
FindNextFileW
DeleteCriticalSection
GetShortPathNameW
GetCurrentThreadId
ReleaseMutex
CloseHandle
DeleteFileW
GetCurrentProcessId
SetFileAttributesW
GetModuleHandleW
GetCurrentProcess
GetTickCount
LeaveCriticalSection
GetProcAddress
EnterCriticalSection
GetVersionExA
GetCommandLineW
GlobalDeleteAtom
FindResourceExW
FindResourceW
FreeLibrary
LoadResource
SetEvent
LoadLibraryW
SizeofResource
LocalAlloc
LockResource
CreateEventW
GlobalGetAtomNameW
GlobalAddAtomW
LocalFree
CreateThread
SetLastError
GetShortPathNameA
lstrlenA
GetSystemDirectoryA
SystemTimeToFileTime
IsBadReadPtr
SetEnvironmentVariableA
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
TlsSetValue
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
FreeEnvironmentStringsW
GetOEMCP
CompareStringW
CompareStringA
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
GetCPInfo
GetStartupInfoW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
ExitProcess
VirtualFree
HeapCreate
InterlockedExchange
LoadLibraryA
RaiseException
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
lstrlenW
VirtualProtect
VirtualAlloc
GetModuleHandleA
GetSystemInfo
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsFree

user32

UnregisterClassA
IsWindow
PostQuitMessage
LoadImageW
PostMessageW
GetDesktopWindow
SetWindowPos
GetSystemMetrics
SendMessageW
SetWindowTextW
DestroyIcon
GetMessageW
wsprintfW
SetPropW
TranslateMessage
GetWindowPlacement
BringWindowToTop
ShowWindow
FindWindowExW
GetPropW
DispatchMessageW
DestroyWindow
IsDialogMessageW
GetWindowLongW
SetWindowLongW
EndDialog
CreateDialogParamW
GetWindowRect

ole32

CoInitialize
CoUninitialize
CoInitializeEx

oleaut32

CreateStdDispatch
SysFreeString
SysStringByteLen
VariantChangeType
VariantInit
SysAllocStringByteLen
VariantCopy
CreateDispTypeInfo
VariantClear
SysAllocString
SysAllocStringLen

shlwapi

PathRemoveExtensionA
PathFileExistsW
PathStripPathA
PathRemoveFileSpecW
PathStripPathW
PathAppendW
SHGetValueW

wintrust

WinVerifyTrust

Sections

.text
Size: 304KB - Virtual size: 303KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.trdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0aae4e78a851c0a7bae1cde067d38aea

Headers

File Characteristics

Imports

version

kernel32

user32

ole32

oleaut32

shlwapi

wintrust

Sections

.text Size: 304KB - Virtual size: 303KB

.rdata Size: 52KB - Virtual size: 50KB

.data Size: 12KB - Virtual size: 19KB

.rsrc Size: 48KB - Virtual size: 45KB

.trdata Size: 72KB - Virtual size: 72KB

.text
Size: 304KB - Virtual size: 303KB

.rdata
Size: 52KB - Virtual size: 50KB

.data
Size: 12KB - Virtual size: 19KB

.rsrc
Size: 48KB - Virtual size: 45KB

.trdata
Size: 72KB - Virtual size: 72KB