1ebd78270e9b6a9b700dd65b71d3a07020a2c78248832cad138dcd567ca07c29

Sharing

Copy URL

Twitter E-mail

General

Target

1ebd78270e9b6a9b700dd65b71d3a07020a2c78248832cad138dcd567ca07c29
Size

144KB
MD5

9153f818ffe2405a52a0df79027e3c00
SHA1

962fdaa767f3fa9b802df01adb3e1646411cad4b
SHA256

1ebd78270e9b6a9b700dd65b71d3a07020a2c78248832cad138dcd567ca07c29
SHA512

6541f4bd06b5c5520a6eb89cfdff30b1a923e4d79db0e352fde8765957bc6206c53e81e1dc75c3eb10e86fc487c020852dfcafda8af6301ef3670b395cf99f5e
SSDEEP

3072:7KKlQ13qBS7d1Iz0lCd/SXb3sQJnSDADeak7dJHB/AdGf:/K13N+58LscSsQLH5Ads

Score

N/A

Malware Config

Signatures

Files

1ebd78270e9b6a9b700dd65b71d3a07020a2c78248832cad138dcd567ca07c29
.exe windows x86

29f5f0e38c61af1e8d9ebd6bb8cdf30c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAppendW
PathFileExistsW
PathFindFileNameW
PathRemoveFileSpecW

xlue

lua_pushboolean
lua_tolstring
luaL_checkudata
lua_gettop
XLLRT_ErrorHandle
XLUE_AddXARSearchPath
XLUE_LoadXAR
XLUE_Uninit
XLUE_UninitLuaHost
XL_UnInitGraphicLib
XLUE_UninitHandleMap
XLFS_Uninit
XL_PrepareGraphicParam
XLFS_Init
XL_InitGraphicLib
XLUE_InitLoader
XL_SetFreeTypeEnabled
XLLRT_GetEnv
lua_pushstring
XLLRT_RegisterGlobalObj
lua_pushinteger
lua_pushnil

ws2_32

WSAStartup
WSACleanup

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

utility2.0

GetDownloadPeerid

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
GetProcessHeap
SetStdHandle
LoadLibraryA
GetOEMCP
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
FlushFileBuffers
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
GetModuleFileNameW
CloseHandle
InterlockedExchange
GetACP
GetLocaleInfoA
RaiseException
InitializeCriticalSection
DeleteCriticalSection
GetModuleFileNameA
LockResource
LoadResource
FindResourceW
FindResourceExW
FreeLibrary
GetProcAddress
LoadLibraryW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetPrivateProfileStringW
lstrcatW
lstrcpyW
CreateMutexW
OpenMutexW
VirtualQuery
ExitProcess
GetVersion
GetCurrentProcess
DeleteFileA
TerminateProcess
VirtualFree
WideCharToMultiByte
RemoveDirectoryA
FindNextFileA
FindClose
FindFirstFileA
MultiByteToWideChar
SetFilePointer
QueryPerformanceCounter
SetUnhandledExceptionFilter
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
SetLastError
TlsAlloc
HeapSize
HeapDestroy
HeapCreate
SizeofResource
WriteFile
GetSystemInfo
VirtualProtect
IsBadWritePtr
VirtualAlloc
HeapReAlloc
GetCPInfo
LCMapStringW
GetLastError
LCMapStringA
GetVersionExA
GetStartupInfoW
GetModuleHandleA
HeapFree
HeapAlloc
InterlockedDecrement
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
RtlUnwind

user32

MessageBoxW
wsprintfW
GetSystemMetrics
DispatchMessageW
TranslateMessage
GetMessageW
LoadAcceleratorsW
TranslateAcceleratorW

ole32

CoUninitialize
CoInitialize

shell32

ShellExecuteW

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29f5f0e38c61af1e8d9ebd6bb8cdf30c

Headers

File Characteristics

Imports

shlwapi

xlue

ws2_32

version

utility2.0

kernel32

user32

ole32

shell32

Sections

.text Size: 48KB - Virtual size: 44KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 72KB - Virtual size: 69KB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 72KB - Virtual size: 69KB