bfe5bc5584c7886157035e1ae6ed345327acf42db456163a01ab57e7500f90a5

Sharing

Copy URL Twitter E-mail

General

Target

bfe5bc5584c7886157035e1ae6ed345327acf42db456163a01ab57e7500f90a5
Size

126KB
MD5

9321f74ca931f18c5fba3c24f8413a32
SHA1

f95a7f725d9d09e40c5901b3f8d9e0fa0c5448bd
SHA256

bfe5bc5584c7886157035e1ae6ed345327acf42db456163a01ab57e7500f90a5
SHA512

ec54b51b92e2773759041a89d935f66bf15a2f4997b71675cdaf4ad7355b2f6749c53361b9a213686013a89856e00aaf139c7539d6ce8f38038b9697ba836acb
SSDEEP

3072:vWTL1w/a4aOre+H/SDkU2KLgeB6v7XWSwff:ve6/a4xy+KDrgzXWDf

Score

N/A

Malware Config

Signatures

Files

bfe5bc5584c7886157035e1ae6ed345327acf42db456163a01ab57e7500f90a5
.exe windows x86

e6abd899d832e7af6ebcac4e2a2304b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

Shell_NotifyIconA

oleaut32

RegisterActiveObject
GetActiveObject
DllUnregisterServer

ole32

CoUninitialize
CoCreateInstance
CreateItemMoniker
GetRunningObjectTable
CoInitialize
CoTaskMemFree

kernel32

GetVersion
FormatMessageA
GlobalFix
lstrcmpiW
GetTickCount
GetProcAddress
DeleteFileW
FindFirstFileW
FindClose
TerminateProcess
HeapReAlloc
SetCurrentDirectoryW
ExpandEnvironmentStringsW
ReleaseMutex
CloseHandle
SetLastError
SetCommMask
SetUnhandledExceptionFilter
LoadLibraryW
QueryPerformanceCounter
GetSystemDirectoryW
WriteFile
GetExitCodeProcess
lstrcmpW
CreateDirectoryW
QueryDosDeviceW
GetFullPathNameW
FormatMessageW
VirtualQuery
LoadLibraryA
GetPrivateProfileIntW
GetPrivateProfileStringW
GetTimeFormatW
GetDriveTypeW
FindNextFileW
GetPrivateProfileSectionW
CreateProcessW
GetStartupInfoA
InterlockedExchange
GetCommandLineW
IsValidLocale
GetModuleFileNameW
GetSystemTimeAsFileTime
InterlockedIncrement
GetModuleHandleA
UnhandledExceptionFilter
Sleep
GetCurrentProcess
GetVersionExA
GlobalAlloc
FreeLibrary
ReadFile
GetLastError
HeapAlloc
SetFilePointer
OpenMutexW
GetWindowsDirectoryW
OpenEventW
CreateFileW
CreateMutexW
GetDateFormatW
GetProcessHeap
InterlockedDecrement
GetCurrentDirectoryW
GlobalFree
DeviceIoControl
RaiseException
GetProcessHeap
GetDiskFreeSpaceExW
LocalReAlloc
GetTempPathW
MultiByteToWideChar
GetCurrentThreadId
GetLogicalDriveStringsW
HeapFree
GetFileAttributesW
GetCurrentProcessId
GetVolumeInformationW
CopyFileW
HeapSize
lstrlenW
LocalAlloc
LocalFree
lstrlenA
WideCharToMultiByte
WaitForSingleObject

advapi32

SetSecurityDescriptorDacl
RegisterEventSourceA
RegisterServiceCtrlHandlerA
InitializeSecurityDescriptor
DeregisterEventSource

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zxmxqf
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 107KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6abd899d832e7af6ebcac4e2a2304b5

Headers

File Characteristics

Imports

shell32

oleaut32

ole32

kernel32

advapi32

Sections

.text Size: 7KB - Virtual size: 7KB

.data Size: 7KB - Virtual size: 9KB

.zxmxqf Size: 3KB - Virtual size: 3KB

.edata Size: 107KB - Virtual size: 127KB

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 7KB - Virtual size: 9KB

.zxmxqf
Size: 3KB - Virtual size: 3KB

.edata
Size: 107KB - Virtual size: 127KB