eb40abf54dc6f1a81982be306b5ebf8745b2f6df8926bec7d63c352741383c55

Sharing

Copy URL Twitter E-mail

General

Target

eb40abf54dc6f1a81982be306b5ebf8745b2f6df8926bec7d63c352741383c55
Size

4.3MB
MD5

502d0135ca26d146eb1234ab7eb6d368
SHA1

829fcd8b45929b6c340d64eb4c4db3de790f97d3
SHA256

eb40abf54dc6f1a81982be306b5ebf8745b2f6df8926bec7d63c352741383c55
SHA512

ea5ac75b99390ce80e3a4dcb5d6ea02a5d14a14210f0c7bfd5ee2f0148725df7e5d32739f4383510c8b39de348f824deba1b64c1d857305e9ce47b356f515aea
SSDEEP

98304:Fce9oRyfJ5plMJM85LS4/8vt7L3A0k6ArP9xRRUm0QuulRJEH5wb3PeV7LvGH27u:5xxo2VTGH4u

Score

N/A

Malware Config

Signatures

Files

eb40abf54dc6f1a81982be306b5ebf8745b2f6df8926bec7d63c352741383c55
.exe windows x86

15c859e7baa1d9ac2f5d26c9bc9efd92

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
ReadFile
GetThreadContext
CreateProcessA
SetThreadContext
GetModuleHandleA
GetLastError
HeapSize
CommConfigDialogA
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStringTypeW
GetModuleFileNameA
UnhandledExceptionFilter
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess

setupapi

SetupDiClassGuidsFromNameW

shlwapi

PathIsUNCW

user32

GetWindowRgn
PaintDesktop
SetTimer
PeekMessageA
GetMessageA
DispatchMessageA

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SELIGER
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

LZH5
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UYKP
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SP4R
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SCT3
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

NQBF
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

KDJ4
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

W6PV
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

WACN
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ENL4
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

LOKG
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RFRE
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

U7B2
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

WIMB
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

NSIG
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

EYIY
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HXXU
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

KMDQ
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

VJJF
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

AMAU
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

YNXQ
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ATRA
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UBPN
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

GGBN
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

S6WI
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

TRMT
Size: 4KB - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15c859e7baa1d9ac2f5d26c9bc9efd92

Headers

File Characteristics

Imports

kernel32

setupapi

shlwapi

user32

Sections

.text Size: 16KB - Virtual size: 13KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 20KB - Virtual size: 24.0MB

SELIGER Size: 2.2MB - Virtual size: 2.2MB

LZH5 Size: 4KB - Virtual size: 206B

UYKP Size: 4KB - Virtual size: 206B

SP4R Size: 4KB - Virtual size: 206B

SCT3 Size: 4KB - Virtual size: 206B

NQBF Size: 4KB - Virtual size: 206B

KDJ4 Size: 4KB - Virtual size: 206B

W6PV Size: 4KB - Virtual size: 206B

WACN Size: 4KB - Virtual size: 206B

ENL4 Size: 4KB - Virtual size: 206B

LOKG Size: 4KB - Virtual size: 206B

RFRE Size: 4KB - Virtual size: 206B

U7B2 Size: 4KB - Virtual size: 206B

WIMB Size: 4KB - Virtual size: 206B

NSIG Size: 4KB - Virtual size: 206B

EYIY Size: 4KB - Virtual size: 206B

HXXU Size: 4KB - Virtual size: 206B

KMDQ Size: 4KB - Virtual size: 206B

VJJF Size: 4KB - Virtual size: 206B

AMAU Size: 4KB - Virtual size: 206B

YNXQ Size: 4KB - Virtual size: 206B

ATRA Size: 4KB - Virtual size: 206B

UBPN Size: 4KB - Virtual size: 206B

GGBN Size: 4KB - Virtual size: 206B

S6WI Size: 4KB - Virtual size: 206B

TRMT Size: 4KB - Virtual size: 206B

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 16KB - Virtual size: 13KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 20KB - Virtual size: 24.0MB

SELIGER
Size: 2.2MB - Virtual size: 2.2MB

LZH5
Size: 4KB - Virtual size: 206B

UYKP
Size: 4KB - Virtual size: 206B

SP4R
Size: 4KB - Virtual size: 206B

SCT3
Size: 4KB - Virtual size: 206B

NQBF
Size: 4KB - Virtual size: 206B

KDJ4
Size: 4KB - Virtual size: 206B

W6PV
Size: 4KB - Virtual size: 206B

WACN
Size: 4KB - Virtual size: 206B

ENL4
Size: 4KB - Virtual size: 206B

LOKG
Size: 4KB - Virtual size: 206B

RFRE
Size: 4KB - Virtual size: 206B

U7B2
Size: 4KB - Virtual size: 206B

WIMB
Size: 4KB - Virtual size: 206B

NSIG
Size: 4KB - Virtual size: 206B

EYIY
Size: 4KB - Virtual size: 206B

HXXU
Size: 4KB - Virtual size: 206B

KMDQ
Size: 4KB - Virtual size: 206B

VJJF
Size: 4KB - Virtual size: 206B

AMAU
Size: 4KB - Virtual size: 206B

YNXQ
Size: 4KB - Virtual size: 206B

ATRA
Size: 4KB - Virtual size: 206B

UBPN
Size: 4KB - Virtual size: 206B

GGBN
Size: 4KB - Virtual size: 206B

S6WI
Size: 4KB - Virtual size: 206B

TRMT
Size: 4KB - Virtual size: 206B

.rsrc
Size: 16KB - Virtual size: 15KB