ea7252c61d2877f7e78f611ee596189320d0dd18ede397577119a5040cea3d3f

Sharing

Copy URL Twitter E-mail

General

Target

ea7252c61d2877f7e78f611ee596189320d0dd18ede397577119a5040cea3d3f
Size

254KB
MD5

5922211def1e6b4c8b2f7f99e6ef9990
SHA1

703303207aaff1c0c7f50d02d116c4bd29ca69a3
SHA256

ea7252c61d2877f7e78f611ee596189320d0dd18ede397577119a5040cea3d3f
SHA512

d58761c9bd25edca502fd63de7d31fde0e830258d0dfb7eb5e3c10977773dae384f4eedce320ef5c7a39ca68f59c32c2bc41ef3be86ceba2ce996c89b854edd3
SSDEEP

6144:6yLVbBgsD4Q3QptsCVNrwGTaD4kmw9+6Bw769RseQXQhQ8nU:Piu4XptsKNEOBkV9+Z76D3M8nU

Score

N/A

Malware Config

Signatures

Files

ea7252c61d2877f7e78f611ee596189320d0dd18ede397577119a5040cea3d3f
.exe windows x86

d9013288c0c665b1cbd20763c0c3e290

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
RegisterTraceGuidsW
UnregisterTraceGuids
TraceMessage

kernel32

LCMapStringW
GetProcAddress
LoadLibraryW
GetSystemDirectoryW
GetFileAttributesW
ExpandEnvironmentStringsW
FreeLibrary
LoadLibraryExW
SetThreadPreferredUILanguages
HeapSetInformation
GetModuleHandleW
WriteFile
GetStdHandle
WideCharToMultiByte
GetConsoleOutputCP
GetModuleFileNameW
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
GetLastError
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange

msvcrt

??1type_info@@UAE@XZ
_unlock
__dllonexit
_lock
_onexit
?terminate@@YAXXZ
_except_handler4_common
_controlfp
_wtol
_wtoi
__set_app_type
__p__fmode
__p__commode
_callnewh
__setusermatherr
_amsg_exit
_initterm
malloc
exit
_XcptFilter
setlocale
memset
_vsnwprintf
__CxxFrameHandler3
??0exception@@QAE@XZ
?what@exception@@UBEPBDXZ
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
free
_CxxThrowException
_exit
_cexit
__wgetmainargs
towupper
_adjust_fdiv

wbemcomn

?Write@CMemoryLog@@QAEXJ@Z
?GetMemLogObject@@YGPAVCMemoryLog@@XZ

user32

LoadStringW

ole32

CoInitializeSecurity
CoInitializeEx
CoCreateInstance
CoUninitialize

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 236KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9013288c0c665b1cbd20763c0c3e290

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

msvcrt

wbemcomn

user32

ole32

version

Sections

.text Size: 14KB - Virtual size: 13KB

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 236KB - Virtual size: 396KB

.text
Size: 14KB - Virtual size: 13KB

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 236KB - Virtual size: 396KB