2eb79b1247a3582509f49730a567c58498997ac1b0271ffb97126c78ad9c1762

Sharing

Copy URL

Twitter E-mail

General

Target

2eb79b1247a3582509f49730a567c58498997ac1b0271ffb97126c78ad9c1762
Size

137KB
MD5

8467ef63bb5a97032e3ac3a190cfbbc0
SHA1

e9dbd525471bfa5f42ab2e8e732498a76b5e826e
SHA256

2eb79b1247a3582509f49730a567c58498997ac1b0271ffb97126c78ad9c1762
SHA512

e5d7f0231909827347a5ea9aad3d7b9c1c23e2befb58c90a5fce520accc3645494be28b3b465d3cf27f58742589b16938b996e16ed136741c43fe5c3c9e2d04b
SSDEEP

3072:v8FWp9zD4uwYwOSWcb/gAbAFF56S3rpKKmFzY1PBJ:vBzMOS5YakQtYl

Score

N/A

Malware Config

Signatures

Files

2eb79b1247a3582509f49730a567c58498997ac1b0271ffb97126c78ad9c1762
.exe windows x86

981311d9e2a66140d540d3d667262faf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
EnterCriticalSection
Sleep
ExitProcess
GetDiskFreeSpaceA
GetFileSize
CreateThread
HeapAlloc
lstrcmpA
LoadLibraryA
GetStringTypeW
GetDateFormatA
InitializeCriticalSection
MoveFileA
MulDiv
lstrlenW
GetACP
VirtualAlloc
HeapFree
GlobalFindAtomA
HeapDestroy
LockResource
WaitForSingleObject
LoadLibraryExA
LocalAlloc

comdlg32

ChooseColorA
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
FindTextA

user32

CloseClipboard
GetMenu
GetKeyboardLayoutNameA
GetKeyboardType
WindowFromPoint
SetClassLongA
MessageBoxA
GetWindowLongA
ActivateKeyboardLayout
EnableMenuItem
GetKeyboardLayoutList
CharLowerA
CharNextA
GetScrollRange
AdjustWindowRectEx
GetWindowTextLengthA
CreateMenu
PtInRect
ShowWindow
DrawMenuBar
SetWindowTextA
SetScrollRange
MapVirtualKeyA
CheckMenuItem
DestroyWindow
LoadBitmapA
UpdateWindow
SetRect
GetSubMenu
SetScrollPos
GetMenuStringA
SetFocus
MsgWaitForMultipleObjects
RegisterWindowMessageA
IsWindowVisible
SetForegroundWindow
ClientToScreen
PeekMessageA
GetWindowLongW
GetClassLongA
GetSystemMetrics
ShowOwnedPopups
IsIconic
SendMessageA
CharToOemA
GetWindow
TrackPopupMenu
GetCapture
CreatePopupMenu
DefWindowProcA
ReleaseCapture
CharUpperA
IsWindowUnicode
ChildWindowFromPoint
CharUpperBuffA
LoadStringA
EnableScrollBar
IsCharLowerA
DestroyCursor
GetDCEx
IntersectRect
MapWindowPoints
PostMessageA

Exports

Exports

_hR2lKVCf@16
_dzc0IWdLeohHT@20
xPJn0F
ZdEG990zzD@8
vL75VfYvjlOS
_G5735r_@8
Oy_SerL4wK8X@12
_k24c0xDjd@8
_RQLkUq5Rmy@16
_4Xzwkdu7uIldo2@8
_jzw3l8Apc0lo@24

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 108KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

981311d9e2a66140d540d3d667262faf

Headers

File Characteristics

Imports

kernel32

comdlg32

user32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.data Size: 13KB - Virtual size: 12KB

.bss Size: 108KB - Virtual size: 240KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 13KB - Virtual size: 12KB

.bss
Size: 108KB - Virtual size: 240KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 3KB