2ecff01cd1e6a7d7be11233eeec60c1fe75be4d6b601bb658ff1f55077325121

Sharing

Copy URL

Twitter E-mail

General

Target

2ecff01cd1e6a7d7be11233eeec60c1fe75be4d6b601bb658ff1f55077325121
Size

167KB
MD5

80a91d94d8da4719e924205c807bb470
SHA1

d1843adbf687b1884ae9b8ba7e5e213ba1a3420f
SHA256

2ecff01cd1e6a7d7be11233eeec60c1fe75be4d6b601bb658ff1f55077325121
SHA512

572a6b78fafeecf883380eae2a2e4adfe6c2c52620a0989266da035bd5980c3f91cd07d15b7f18b635f39ac1ddff89b58da85dc37f076f34fdb83f99c2000d4f
SSDEEP

3072:A+xcVA6zP7kJ9tT0LOVpWhJB8UI3AmckWzl+51z4ksrzRRz6EGb03:A+yVA0W9tYL58UIqlCeC

Score

N/A

Malware Config

Signatures

Files

2ecff01cd1e6a7d7be11233eeec60c1fe75be4d6b601bb658ff1f55077325121
.exe windows x86

1475e86f07432fed82e0be5b159c6218

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
GetThreadPriority
GetConsoleMode
LoadLibraryExW
CreateSemaphoreA
FileTimeToLocalFileTime
CreateEventA
GetDiskFreeSpaceA
GetEnvironmentVariableW
GetDriveTypeW
GetStartupInfoW
GetUserDefaultLCID
GetProcessHeap
IsBadReadPtr
GetDriveTypeA
GetVolumeInformationA
IsValidLanguageGroup
GetEnvironmentVariableA
IsDBCSLeadByteEx
GetThreadLocale
IsValidCodePage
SetFileApisToOEM
GetCurrentThreadId
SetErrorMode
FindVolumeClose

user32

DdeAddData
MapVirtualKeyA
DrawEdge
SetActiveWindow
RemoveMenu
InternalGetWindowText
CallWindowProcA
GetScrollPos
DestroyIcon
DestroyMenu
CountClipboardFormats
BeginDeferWindowPos
DdePostAdvise
UnhookWindowsHookEx
FindWindowExW
GetActiveWindow
IsDlgButtonChecked
CheckDlgButton
DefWindowProcA
SetWindowLongW
MapVirtualKeyExW
GetClipboardData
GetWindowLongA
SetWindowLongA
SetLastErrorEx
LoadIconW
GetDC
wsprintfW
GetClassLongW
SendMessageA
FindWindowExA
GetProcessWindowStation
DeleteMenu
IsZoomed
GetTopWindow
GetMenuItemID
GetThreadDesktop
MapVirtualKeyW
CloseClipboard
GetWindowTextLengthW
SetCursor
DdeInitializeW
CopyAcceleratorTableW
DrawFrameControl
GetMessagePos

gdi32

GetStockObject
SetViewportExtEx

ole32

CoInitialize

Exports

Exports

?AnsaPoemKeefMautTikiacedbroby@@YGGHPCKACJ@Z
?EsesTaelesneMuskyo@@YGXI@Z
?NettDrubMaraNapsno@@YG_KPCUPeenReadfid@@AC_K@Z
?WolfliloOxenIllyWichEkedBoos@@YGGACU_GUID@@UAxesTuisEpic@@PCU_SECURITY_DESCRIPTOR@@DK@Z

Sections

.text
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1475e86f07432fed82e0be5b159c6218

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

ole32

Exports

Exports

Sections

.text Size: 87KB - Virtual size: 87KB

.data Size: 22KB - Virtual size: 22KB

.rsrc Size: 34KB - Virtual size: 34KB

.reloc Size: 22KB - Virtual size: 21KB

.text
Size: 87KB - Virtual size: 87KB

.data
Size: 22KB - Virtual size: 22KB

.rsrc
Size: 34KB - Virtual size: 34KB

.reloc
Size: 22KB - Virtual size: 21KB