d2e6be13ec4621148c9914a647edaf82956d2992ab67891fe3acff2b5f489eb6

Sharing

Copy URL Twitter E-mail

General

Target

d2e6be13ec4621148c9914a647edaf82956d2992ab67891fe3acff2b5f489eb6
Size

1.9MB
MD5

8cc493a73710996e3ee13ad7f55975a7
SHA1

5833f2d164e80b8fb3a63201eb1dd4f661879d2a
SHA256

d2e6be13ec4621148c9914a647edaf82956d2992ab67891fe3acff2b5f489eb6
SHA512

29979c8fa384f745a6b1efbe315e5a0ccfa236a9bf49cd364ef1281093633a3c4386ac7925cc5ba826ba645961cf7dac3edbaae542683fa91e1a8ab77cd9fa97
SSDEEP

6144:Ehs9tdEhaEn/WHyh4of582iq6pATbVln+3Pt7hgwlul0aUcpHuYqlKYQcuDEF+7f:Elajk4I4yXdUbHsxAlJM+cs8

Score

N/A

Malware Config

Signatures

Files

d2e6be13ec4621148c9914a647edaf82956d2992ab67891fe3acff2b5f489eb6
.exe windows x86

e2eb362888228c52fdbb516e0c20652a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord656
ord1634
ord567
ord825
ord3658
ord3621
ord2406
ord4270
ord2559
ord6871
ord6597
ord2854
ord2859
ord2371
ord2377
ord2567
ord4390
ord3397
ord3569
ord3566
ord800
ord640
ord609
ord556
ord540
ord323
ord809
ord2423
ord2397
ord5781
ord858
ord1143
ord755
ord470
ord1088
ord2114
ord1633
ord2746
ord3084
ord2570
ord3614
ord2403
ord2015
ord4213
ord4392
ord3577
ord818
ord616
ord538
ord6437
ord4279
ord3792
ord4118
ord5871
ord3312
ord6211
ord3737
ord541
ord801
ord6139
ord2745
ord6874
ord860
ord823
ord3701
ord535
ord5261
ord4370
ord4847
ord4992
ord2506
ord6048
ord1767
ord5276
ord4419
ord3592
ord3716
ord795
ord641
ord324
ord3568
ord4229
ord4704
ord537
ord2070
ord6195
ord4294
ord4667
ord4269
ord6371
ord4480
ord2546
ord2504
ord5727
ord3917
ord1089
ord5193
ord2388
ord3341
ord5296
ord5298
ord4074
ord4692
ord5303
ord5285
ord5710
ord4616
ord3733
ord815
ord561
ord5939
ord2613
ord2717
ord2810
ord1165
ord5857
ord2078
ord6193
ord6168
ord5785
ord1761
ord2442
ord2637
ord861
ord2634
ord942
ord5706
ord3871
ord2606
ord922
ord5568
ord2910
ord613
ord289
ord2574
ord4396
ord3635
ord693
ord2836
ord2440
ord4238
ord5977
ord3991
ord3491
ord6896
ord6374
ord3288
ord6895
ord3905
ord2631
ord956
ord2036
ord2099
ord2857
ord3296
ord5446
ord5830
ord5436
ord6379
ord6390
ord3605
ord4418
ord4621
ord4075
ord3074
ord3820
ord3826
ord3825
ord2971
ord3076
ord2980
ord3257
ord3131
ord4459
ord3254
ord3142
ord2977
ord5273
ord2116
ord2438
ord5257
ord1720
ord5059
ord3744
ord6372
ord2047
ord2640
ord4435
ord4831
ord3793
ord5286
ord4347
ord6370
ord5157
ord5237
ord4401
ord1768
ord4073
ord2294
ord6051
ord1569

msvcrt

_controlfp
_onexit
__CxxFrameHandler
_wtoi
_wcsicmp
fclose
fread
_wfopen
swprintf
wcsrchr
wcstok
wcscat
wcslen
wcscmp
_exit
_XcptFilter
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit

kernel32

GetStartupInfoW
GetModuleHandleW
ReleaseMutex
CloseHandle
GetLastError
CreateMutexW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetModuleFileNameW
GetProcAddress
LoadLibraryW
FreeLibrary
lstrcpyW
lstrcpynW

user32

GetSystemMetrics
DrawIcon
LoadIconW
SetWindowRgn
SetRectEmpty
PostMessageW
GetWindow
IsWindowVisible
GetCursorPos
SetRect
GetWindowRect
ReleaseDC
GetCapture
SetCapture
ReleaseCapture
KillTimer
InvalidateRect
SetTimer
SendMessageW
LoadBitmapW
EnableWindow
GetParent
GetSysColor
WindowFromPoint
LoadStringW
ClientToScreen
PtInRect
GetDC
GetClientRect
IsIconic

gdi32

OffsetRgn
SetROP2
FrameRgn
DeleteObject
CreateDCW
CreateSolidBrush
BitBlt
CreateCompatibleDC
GetPixel
CreateFontIndirectW
CreateCompatibleBitmap
GetTextExtentPoint32W
StretchBlt
CombineRgn
CreateRectRgn
CreateFontW

advapi32

RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHGetSpecialFolderPathW
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW

comctl32

ImageList_Draw

ole32

CoInitialize
CoUninitialize

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e2eb362888228c52fdbb516e0c20652a

Headers

File Characteristics

Imports

mfc42u

msvcrt

kernel32

user32

gdi32

advapi32

shell32

comctl32

ole32

Sections

.text Size: 68KB - Virtual size: 64KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 1.8MB - Virtual size: 1.8MB

.text
Size: 68KB - Virtual size: 64KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 1.8MB - Virtual size: 1.8MB