e1d1141ae64031e5a7bd7295022093646004ba04d6277af10cf130ec29e93b11

Sharing

Copy URL Twitter E-mail

General

Target

e1d1141ae64031e5a7bd7295022093646004ba04d6277af10cf130ec29e93b11
Size

422KB
MD5

503fc6638b1f262755f1abfa493ba6e5
SHA1

43c37f55b06aa777b9d286c2073666ee2e5df46d
SHA256

e1d1141ae64031e5a7bd7295022093646004ba04d6277af10cf130ec29e93b11
SHA512

70e0984814e07b59d32f3f0b063ab34846e5241d70738b5b68e2368661d9262e495c60c01564d0eb329bf05a644881dab1d113514ce778252e3c96c97b51b2aa
SSDEEP

6144:ixZwvXIGwCU8ujfPC8YdNK7f7aVODPjwGLbKkru3ODTOWw8ofO4J8sxqWFVH699:ixk4GjU8ujfPKfK7egLywjwlfbJaE699

Score

N/A

Malware Config

Signatures

Files

e1d1141ae64031e5a7bd7295022093646004ba04d6277af10cf130ec29e93b11
.exe windows x86

fe766835d2517d7e034a2e627e23186a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_SYSTEM

Imports

kernel32

SetFilePointer
IsProcessorFeaturePresent
RtlUnwind
MultiByteToWideChar
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetSystemTimeAsFileTime
GetCurrentProcessId
OutputDebugStringW
HeapReAlloc
HeapSize
HeapQueryInformation
HeapFree
LCMapStringW
GetStringTypeW
VirtualQuery
SetStdHandle
FlushFileBuffers
CreateFileW
GetCommandLineA
HeapSetInformation
ExitProcess
GetFileInformationByHandle
CloseHandle
GetCurrentThreadId
GetModuleHandleA
GetFileType
EnumSystemCodePagesW
GetLastError
GetACP
HeapCreate
GetEnvironmentStrings
GetConsoleCP
FreeEnvironmentStringsA
WaitForSingleObject
InterlockedDecrement
GetTickCount
QueryPerformanceCounter
LoadLibraryW
FreeLibrary
GetModuleHandleW
GetProcAddress
DecodePointer
InterlockedIncrement
LocalFree
RaiseException
SetLastError
TlsFree
TerminateProcess
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetCPInfo
HeapAlloc
LoadResource
FindResourceA
CreateFileA
GetOEMCP
GetStdHandle
WriteFile
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
IsBadReadPtr
HeapValidate
GetModuleFileNameW
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetConsoleMode
OutputDebugStringA
GetProcessHeap
WriteConsoleW
GetCurrentProcess
GetStartupInfoW

user32

UpdateWindow
LoadImageA
SetWindowTextA
DispatchMessageA
CreatePopupMenu
SetMenu
GetCursorPos
EndDialog
GetDlgItem
EmptyClipboard
ReleaseDC
CreateWindowExA
EndPaint
DestroyWindow
GetMessageA
InsertMenuItemA
PostQuitMessage
SetCapture
DrawTextA
LoadBitmapA
AttachThreadInput
SetFocus
SendMessageA
BeginPaint
GetDC
GetWindowTextA
GetKeyboardLayout
SetRect
MessageBoxA

gdi32

CreateBitmap
EndPage
BitBlt
DescribePixelFormat
StartPage
SetTextColor
MaskBlt
DeleteDC
CreateDIBSection
StretchBlt
CreateFontIndirectA
SetPixel
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
DPtoLP
SetMapMode
CreateCompatibleBitmap
StartDocA
GetMapMode
GetOutlineTextMetricsW
ChoosePixelFormat
SetPixelFormat
GetPixel
GetObjectA
EndDoc
SwapBuffers
CreateSolidBrush
TextOutA

comdlg32

PrintDlgA

advapi32

SetEntriesInAclA

ole32

CoInitializeSecurity
RegisterDragDrop
CoUninitialize
CoSetProxyBlanket
CoInitializeEx
CoCreateInstance

oleaut32

SysFreeString
VariantChangeType
VariantInit
VariantClear
SysStringLen
SysAllocString

winmm

timeGetDevCaps

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

shlwapi

SHQueryValueExW
StrToIntExA

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_Add

rpcrt4

NdrOleAllocate

opengl32

wglGetCurrentDC
glClear
glOrtho
glLoadIdentity
glColor3f
glFlush
glLineWidth
glViewport
glMatrixMode
glEnd
glBegin
glVertex2d

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

setupapi

SetupDiDeleteDeviceInterfaceRegKey
SetupDiInstallDevice

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.relob
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe766835d2517d7e034a2e627e23186a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

winmm

version

shlwapi

comctl32

rpcrt4

opengl32

imm32

setupapi

Sections

.text Size: 147KB - Virtual size: 146KB

.rdata Size: 41KB - Virtual size: 41KB

.data Size: 4KB - Virtual size: 12KB

.udata Size: 198KB - Virtual size: 198KB

.adata Size: 3KB - Virtual size: 2KB

.relob Size: 4KB - Virtual size: 3KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 22KB - Virtual size: 21KB

.text
Size: 147KB - Virtual size: 146KB

.rdata
Size: 41KB - Virtual size: 41KB

.data
Size: 4KB - Virtual size: 12KB

.udata
Size: 198KB - Virtual size: 198KB

.adata
Size: 3KB - Virtual size: 2KB

.relob
Size: 4KB - Virtual size: 3KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 22KB - Virtual size: 21KB