eb0212ee76307dd8e32721ce5c9430ef053eb99003732d0c9c704d507030dc72

General

Target

eb0212ee76307dd8e32721ce5c9430ef053eb99003732d0c9c704d507030dc72
Size

652KB
MD5

cce41dd23a4c40964a6e392bca0e20c5
SHA1

4541dbb43084ff5d47b2378adc5a3b0a615d306a
SHA256

eb0212ee76307dd8e32721ce5c9430ef053eb99003732d0c9c704d507030dc72
SHA512

6bbcc1e1a6a6806bae3b5583839a23c08e298a9de53c657fdb342ce8d8ec36bea3cd0e88f634b2cf64135cd714b6f2c8bbaa0046dea3395e0da82c273532d605
SSDEEP

12288:IJ2Ifjj4vm8Z2OX87zNv/iI1MLn8ozqUGxrJuQmV8vuwG3rU:22wjjYRuz1qtL8R1uQduZ4

Score

N/A

Malware Config

Signatures

Files

eb0212ee76307dd8e32721ce5c9430ef053eb99003732d0c9c704d507030dc72
.exe windows x86

8ee0cb0a161050a6d83b4cdf70638a46

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsCharLowerW
DialogBoxParamA
CharToOemA
IsDialogMessageA
GetWindowLongA
DrawIcon
PeekMessageA
GetCaretPos
SetCursorPos
SetFocus
GetWindowTextA
PostMessageW

authz

AuthzInitializeContextFromSid
AuthzFreeResourceManager
AuthzFreeAuditEvent
AuthzAddSidsToContext

kernel32

lstrcmpiA
CopyFileA
VirtualQueryEx
QueryDosDeviceA
GetSystemInfo
FindFirstFileA
ResetEvent
CreateMutexA
lstrcmpA
GetVersionExA
TlsGetValue
GetEnvironmentVariableW
GetCurrentDirectoryW
SetVolumeLabelW
GetShortPathNameA
GetFileAttributesExA
VirtualQuery
GetConsoleAliasW
GetCurrentProcess
GetModuleHandleA
FileTimeToSystemTime
GetComputerNameW
OpenMutexA
CreateNamedPipeW
lstrcmpA
SetCurrentDirectoryA
GetProcAddress

crypt32

CertGetNameStringA
CertFindChainInStore
CertAddStoreToCollection
CertCreateCRLContext
CertDuplicateStore
CertNameToStrA
CertCloseStore
CertOpenStore
CryptFindOIDInfo
CertAlgIdToOID
CertDuplicateCRLContext
CertFindCRLInStore
CertCreateContext
CertCompareCertificate

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 569KB - Virtual size: 569KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ee0cb0a161050a6d83b4cdf70638a46

Headers

File Characteristics

Imports

user32

authz

kernel32

crypt32

Sections

.text Size: 50KB - Virtual size: 50KB

.data Size: 22KB - Virtual size: 22KB

.rsrc Size: 569KB - Virtual size: 569KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 50KB - Virtual size: 50KB

.data
Size: 22KB - Virtual size: 22KB

.rsrc
Size: 569KB - Virtual size: 569KB

.reloc
Size: 8KB - Virtual size: 8KB