efe1b8041dafce60b2e84f0c66ad969d275573efc734a5a395417ac6f5b11451

Sharing

Copy URL

Twitter E-mail

General

Target

efe1b8041dafce60b2e84f0c66ad969d275573efc734a5a395417ac6f5b11451
Size

277KB
MD5

7d512244704ec7d0d57391ddca72df16
SHA1

587ea4305d315bce15c48d0989e6837990dfaec9
SHA256

efe1b8041dafce60b2e84f0c66ad969d275573efc734a5a395417ac6f5b11451
SHA512

2265ce6dfd876c204f7547cc57eac3ceb8091672c2a4d69e6e97341a32e6f1ccb883d9ba712fae0066d993e706d00e07983df8dfaf412ab1c9b3b56f2a972f6f
SSDEEP

6144:CY5XCwA3rxVhhwN9HJQaM2bGx/2aDDOQzX6NNXha:CY5XCwYlVbwN9HJQepan5Ss

Score

N/A

Malware Config

Signatures

Files

efe1b8041dafce60b2e84f0c66ad969d275573efc734a5a395417ac6f5b11451
.exe windows x86

e3c289be79685d6657c48f62a35ec41f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
GetCommandLineA
SetEndOfFile
SetFilePointer
GetFileSize
SetLastError
WriteFile
CreateFileW
GetCurrentProcessId
GetTickCount
GetTimeFormatW
GetDateFormatW
GetLocalTime
OutputDebugStringA
GetExitCodeProcess
CreateProcessW
lstrcpyW
GetFileAttributesW
SetFileAttributesW
CopyFileW
DeleteFileW
MoveFileExW
ReadFile
WritePrivateProfileStringW
lstrcatA
GetShortPathNameW
lstrcmpiW
CreateDirectoryW
RemoveDirectoryW
FindClose
FindNextFileW
FindFirstFileW
LoadLibraryA
GetVersionExW
SetStdHandle
FlushFileBuffers
GetLocaleInfoW
GetOEMCP
IsBadCodePtr
IsBadReadPtr
IsValidCodePage
IsValidLocale
CreateEventA
CreateThread
Sleep
GetCurrentThreadId
lstrcpyA
WaitForSingleObject
CloseHandle
GetModuleFileNameA
GetModuleHandleA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
IsDBCSLeadByte
InterlockedDecrement
InterlockedIncrement
lstrcpynA
InterlockedExchange
lstrcmpiA
lstrlenA
GetLastError
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetWindowsDirectoryW
EnumSystemLocalesA
GetUserDefaultLCID
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
HeapSize
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsBadWritePtr
VirtualFree
GetProcAddress
LoadLibraryW
HeapCreate
HeapDestroy
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitProcess
HeapReAlloc
GetStartupInfoA
TerminateProcess
GetCurrentProcess
LCMapStringA
LCMapStringW
GetCPInfo
GetStringTypeA
GetStringTypeW

user32

LoadStringA
CharUpperA
TranslateMessage
DispatchMessageA
GetMessageA
PostThreadMessageA
MessageBoxA
CharNextA

advapi32

ControlService
RegDeleteKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegEnumValueW
RegDeleteValueW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
DeleteService
CreateServiceA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
SetServiceStatus
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegQueryValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoInitializeSecurity
CoRevokeClassObject
CoRegisterClassObject
CoInitialize
StringFromGUID2
CoTaskMemAlloc
CoUninitialize

oleaut32

SysFreeString
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
VarUI4FromStr

shlwapi

PathFindExtensionA

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.prdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e3c289be79685d6657c48f62a35ec41f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

Sections

.text Size: 132KB - Virtual size: 131KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 32KB - Virtual size: 29KB

.prdata Size: 68KB - Virtual size: 68KB

.text
Size: 132KB - Virtual size: 131KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 32KB - Virtual size: 29KB

.prdata
Size: 68KB - Virtual size: 68KB