e5da2d71e886e5e1d4e7d826684472780350b754a11cc43f0b5a7fce6f3b3800

Sharing

Copy URL Twitter E-mail

General

Target

e5da2d71e886e5e1d4e7d826684472780350b754a11cc43f0b5a7fce6f3b3800
Size

860KB
MD5

8039c5854b9d1dc48a67447a5427b2d4
SHA1

72c7fa43ec2ea7521638a85f253ec91aa5f732b9
SHA256

e5da2d71e886e5e1d4e7d826684472780350b754a11cc43f0b5a7fce6f3b3800
SHA512

77553cc6cd0976fbb0d76fd8387653096cef5fb1f4b56be89e6b6f1e82e08f36f84eddeb1e47f30f0e9d0ffce159723f1d593075b1f302cde71f12a90159a7c7
SSDEEP

24576:0YDmJeJwmP3HBG8QHYCWgC2oNywrOEH6kcy0BQx:0Ylwe3hGJHQg0NQVW

Score

N/A

Malware Config

Signatures

Files

e5da2d71e886e5e1d4e7d826684472780350b754a11cc43f0b5a7fce6f3b3800
.exe windows x86

6ae722cb549d84a46775e0a17b55cedd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryInfoKeyA
GetUserNameW
CryptImportKey
CryptExportKey
LookupAccountSidA
RegRestoreKeyW
RegQueryValueA
RegLoadKeyW
CryptEnumProvidersA
CryptGetUserKey
InitializeSecurityDescriptor
CryptVerifySignatureA

gdi32

CreateDCA
GetBitmapBits
StretchDIBits
SelectPalette
ExcludeClipRect
GetPolyFillMode
EnumFontFamiliesW
SetBrushOrgEx
GetKerningPairsA
GetObjectA
GetDeviceCaps
DeleteDC
SelectObject

comctl32

GetEffectiveClientRect
ImageList_DrawIndirect
DrawInsert
ImageList_GetImageInfo
ImageList_DrawEx
DrawStatusTextA
ImageList_DragEnter
ImageList_GetDragImage
ImageList_GetBkColor
InitCommonControlsEx
CreatePropertySheetPageW
CreateStatusWindow
ImageList_LoadImage
ImageList_BeginDrag
CreateToolbar
ImageList_EndDrag
ImageList_GetImageCount
ImageList_SetFlags

user32

GetWindowPlacement
WaitForInputIdle
CreatePopupMenu
SetMenuContextHelpId
SetMenuInfo
DdeAddData
DdeGetData
MessageBoxW
EnumDisplaySettingsW
GetCursor
UnhookWindowsHook
RedrawWindow
CascadeChildWindows
DlgDirListComboBoxA
RegisterClipboardFormatW
IsIconic
RegisterClassA
LoadMenuIndirectW
EnumDesktopsW
SetWindowPlacement
RegisterClassExA
DefFrameProcW
TileChildWindows
ShowWindow
SetDeskWallpaper
GetClipboardOwner
CreateAcceleratorTableW
IsClipboardFormatAvailable
LoadImageW
InvertRect
BroadcastSystemMessageW
DeferWindowPos
CountClipboardFormats
EditWndProc
GetClassWord
SetProcessWindowStation
CallMsgFilter
SetClipboardViewer
SetPropW
RealChildWindowFromPoint
IsDialogMessageW
DefWindowProcA
GetDesktopWindow
GetWindowTextLengthA
SetWindowsHookW
GetMessageW
InvalidateRgn
FillRect
GetTabbedTextExtentA
CharUpperA
DestroyCaret
GetDlgItem
GetKeyState
CharPrevW

shell32

ExtractIconExA
SHGetFileInfoA
SHFileOperationW
SHGetInstanceExplorer

comdlg32

GetSaveFileNameA

kernel32

ContinueDebugEvent
VirtualQuery
FlushFileBuffers
OpenFileMappingW
FreeEnvironmentStringsA
GetTempFileNameW
CompareStringW
MultiByteToWideChar
GetDiskFreeSpaceExW
IsValidCodePage
GetProfileSectionW
GetProcessHeap
GetStartupInfoA
SetFileAttributesA
GetStdHandle
GetProcessHeaps
GetSystemInfo
EnterCriticalSection
GetVersionExA
UnhandledExceptionFilter
CommConfigDialogA
InterlockedIncrement
WideCharToMultiByte
lstrlenA
GetStringTypeExW
FlushViewOfFile
GetCurrentThreadId
GlobalUnlock
UnlockFile
HeapCreate
IsBadWritePtr
GetWindowsDirectoryW
GetTimeZoneInformation
GetUserDefaultLCID
GetProfileIntW
GetCurrentThread
MapViewOfFileEx
SetStdHandle
GetLocaleInfoA
FreeEnvironmentStringsW
GetCurrentProcess
GetOEMCP
SetEnvironmentVariableA
WriteFile
IsValidLocale
RtlUnwind
GetLocaleInfoW
HeapDestroy
GetCurrentProcessId
GetDateFormatA
HeapAlloc
LCMapStringA
OpenSemaphoreA
GetTempPathA
VirtualAllocEx
ReadFile
GetStringTypeA
FindNextFileA
SetHandleCount
GetProcAddress
WriteProfileStringA
TlsFree
TlsGetValue
GlobalAddAtomW
LocalShrink
WriteConsoleW
TlsSetValue
QueryPerformanceCounter
GetCalendarInfoW
GetFullPathNameA
SetSystemTime
OpenMutexA
GetFileType
WriteConsoleOutputA
SetLastError
GetVersionExW
LoadLibraryA
CreateProcessA
GetCommandLineA
LCMapStringW
CreateMutexA
SetFilePointer
lstrcpyn
SetPriorityClass
CompareStringA
HeapReAlloc
TlsAlloc
TerminateProcess
FoldStringW
ReadConsoleOutputCharacterA
SleepEx
GetTimeFormatA
LeaveCriticalSection
GetFileAttributesW
GetThreadLocale
GetModuleHandleA
CreateMailslotW
ConnectNamedPipe
GetSystemDefaultLangID
VirtualAlloc
EnumSystemLocalesA
GetEnvironmentStrings
VirtualFree
SetThreadLocale
GetStringTypeW
WriteConsoleOutputCharacterW
GetLastError
FreeLibraryAndExitThread
GetTickCount
WritePrivateProfileSectionW
ReadConsoleInputA
CloseHandle
VirtualProtect
CopyFileA
ExitProcess
DeleteCriticalSection
InitializeCriticalSection
DebugBreak
GlobalDeleteAtom
GetModuleFileNameA
FindResourceExW
InterlockedExchange
HeapSize
ReadFileEx
GetVersion
WritePrivateProfileSectionA
GetEnvironmentStringsW
OutputDebugStringW
GetCPInfo
GetSystemTimeAsFileTime
HeapFree
GetACP

Sections

.text
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 400KB - Virtual size: 397KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ae722cb549d84a46775e0a17b55cedd

Headers

File Characteristics

Imports

advapi32

gdi32

comctl32

user32

shell32

comdlg32

kernel32

Sections

.text Size: 204KB - Virtual size: 203KB

.rdata Size: 400KB - Virtual size: 397KB

.data Size: 144KB - Virtual size: 142KB

.rsrc Size: 108KB - Virtual size: 106KB

.text
Size: 204KB - Virtual size: 203KB

.rdata
Size: 400KB - Virtual size: 397KB

.data
Size: 144KB - Virtual size: 142KB

.rsrc
Size: 108KB - Virtual size: 106KB