0e3e85d8101e0a34c01b85439587a963725c5ba5e3dc05389c7d2b03cc679466

Sharing

Copy URL Twitter E-mail

General

Target

0e3e85d8101e0a34c01b85439587a963725c5ba5e3dc05389c7d2b03cc679466
Size

268KB
MD5

90aad6bfd039cb6cb0b75c6c4cfa4911
SHA1

f1d4caa43bf57d89276299ecf984fdfd432312b7
SHA256

0e3e85d8101e0a34c01b85439587a963725c5ba5e3dc05389c7d2b03cc679466
SHA512

1edf630962c27625ac22fe7169b83bf36976b7f2efb27e519a7762d399eacdf9f9e7d84fcb7aa27a300fc626d36f3089893862304da4bfeb26f41c0e9e9368b8
SSDEEP

3072:ssdd0UcEmPpUYMH8VoynJfsMQgRnJ5mw/G0jgVxBDCH7OgtBLfkajaAXjBjsPVHL:sI0QwSgRnrmIjm347FLfPFsVHDqju

Score

N/A

Malware Config

Signatures

Files

0e3e85d8101e0a34c01b85439587a963725c5ba5e3dc05389c7d2b03cc679466
.exe windows x86

69ebdfd3aaae4c8997f27ec7f22373cd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
GlobalUnlock
_lopen
GlobalFree
GlobalAlloc
CreateDirectoryA
GetLastError
GetStdHandle
GetFileType
GetFileAttributesA
CloseHandle
TerminateProcess
GetVersion
SetStdHandle
LCMapStringW
LCMapStringA
FlushFileBuffers
lstrcpyA
_lwrite
lstrlenA
OutputDebugStringA
_llseek
OpenFile
GetTempPathA
GetProcAddress
LoadLibraryA
lstrcatA
GetWindowsDirectoryA
FreeLibrary
GetModuleFileNameA
FindClose
FindFirstFileA
GetDiskFreeSpaceA
GetDriveTypeA
GetLogicalDrives
SetErrorMode
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
SetFilePointer
ExitProcess
_lclose
HeapDestroy
HeapReAlloc
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
VirtualAlloc
HeapAlloc
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
GetStringTypeA
GetStringTypeW

user32

GetForegroundWindow
SetForegroundWindow
ShowWindow
CreateWindowExA
DispatchMessageA
TranslateMessage
GetMessageA
GetParent
MessageBoxA
wsprintfA
ReleaseDC
GetSystemMetrics
GetDC
RegisterClassA
EnableWindow
PostQuitMessage
FindWindowExA
FindWindowA
SendMessageA
DefWindowProcA
LoadCursorA
SetCursor

shlwapi

PathIsDirectoryA

ezdll

EzDibNew
EzDumpPngFile
EzDumpTifFile
EzDumpJpgFile
EzDumpBmpFile

gdi32

GetDeviceCaps
CreateDCA

comdlg32

PrintDlgA

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA

winmm

waveOutGetNumDevs

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

69ebdfd3aaae4c8997f27ec7f22373cd

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

ezdll

gdi32

comdlg32

advapi32

winmm

version

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 15KB

.text Size: 196KB - Virtual size: 196KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 15KB

.text
Size: 196KB - Virtual size: 196KB