ec589dcb72e74209d47a1f6ed8e9a1e16250851df9c06c8b9b196499edf01cf5

Sharing

Copy URL

Twitter E-mail

General

Target

ec589dcb72e74209d47a1f6ed8e9a1e16250851df9c06c8b9b196499edf01cf5
Size

312KB
MD5

4588d6515198e39f1b4f42d3873650a0
SHA1

bc9be43667c91ab79cbd6ed75b572602f95c90c1
SHA256

ec589dcb72e74209d47a1f6ed8e9a1e16250851df9c06c8b9b196499edf01cf5
SHA512

b7580f60785ce34981657d1a2ffe1a36a34b34b88c225c5fee35ae5841024b6c2194945553c0365819ee8b704251ea7ec375f2944549133e1de61f6f3b707cb3
SSDEEP

6144:wRDQklQdJvUq2S9x9bXlw0x4RtLcjXHt7FBaNrWMarMWkwHEo:wRDQklQdJvUhShXS00LcjHthKK1rRao

Score

N/A

Malware Config

Signatures

Files

ec589dcb72e74209d47a1f6ed8e9a1e16250851df9c06c8b9b196499edf01cf5
.exe windows x86

c48ee651c07466ea1ce8af129bf2853d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClientRect
MessageBoxA
wsprintfW

dbghelp

MakeSureDirectoryPathExists
SymLoadModule64
SymCleanup
SymGetTypeFromName
SymSetOptions
SymLoadModuleEx
SymGetSymFromAddr64

kernel32

GetCommandLineA
CreateFileA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
EnumSystemLocalesW
LockFileEx
GetThreadTimes
GlobalFindAtomA
GetVolumePathNameA
MoveFileA
OpenFile
lstrcpynW
WideCharToMultiByte
CreateFileW
GetFileSize
SetEnvironmentVariableW
FormatMessageA
ExitProcess
CreateFileMappingW
MapViewOfFile
CloseHandle
MapViewOfFileEx
SetFilePointer
ReadFile
lstrcatW
LoadLibraryExW
LoadLibraryW
GetProcessHeap
HeapAlloc
FreeLibrary
HeapFree
GetProcAddress
GetModuleFileNameA
lstrcpyA
lstrcatA
LoadLibraryExA
LoadLibraryA
SetLastError
VirtualProtect
GetModuleHandleA
VirtualFree
VirtualAlloc
UnmapViewOfFile
lstrlenA
lstrcmpA
GetEnvironmentVariableW
lstrlenW
lstrcpyW
DeleteFileW
GetSystemTimeAsFileTime
MoveFileW
GetLastError
Sleep
GetModuleHandleW
GetModuleFileNameW
GetTimeZoneInformation
GetLocalTime
GetStartupInfoA
HeapCreate
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
WriteFile
GetStdHandle
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 237KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c48ee651c07466ea1ce8af129bf2853d

Headers

DLL Characteristics

File Characteristics

Imports

user32

dbghelp

kernel32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 17KB - Virtual size: 24KB

.rsrc Size: 237KB - Virtual size: 237KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 17KB - Virtual size: 24KB

.rsrc
Size: 237KB - Virtual size: 237KB