eb609d69043766b65f49fba26586c62f8d1999c51d5496ae92ab59ed3875eeb8

Sharing

Copy URL Twitter E-mail

General

Target

eb609d69043766b65f49fba26586c62f8d1999c51d5496ae92ab59ed3875eeb8
Size

267KB
MD5

4e4b3aa13e83c8b692e48f878956bda0
SHA1

b5cd53c82679574cbf9e3f277aab84f8390909f1
SHA256

eb609d69043766b65f49fba26586c62f8d1999c51d5496ae92ab59ed3875eeb8
SHA512

ba378ab7096b92d981448a34b1cc2fe70a02ec9a61f24cc632b408699b30a5e20f0246f37b7f908673b7acb65904f02ccec5eddc71197c9646e3c006540d6cfe
SSDEEP

6144:lckh/hz5g3tpxSFyO2B8OxABPT4roOXdyMH/bm:6+3g3tq4O2PxAB7CzdyMH/bm

Score

N/A

Malware Config

Signatures

Files

eb609d69043766b65f49fba26586c62f8d1999c51d5496ae92ab59ed3875eeb8
.exe windows x86

a016e545ad124b6d84451604ea1587a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetKeyState
GetSystemMenu
GetUserObjectInformationW
EnableWindow
OpenDesktopW
GetClassNameW
InvalidateRect
OpenWindowStationW
ReleaseDC
GetSystemMetrics
FillRect
CloseDesktop
SetForegroundWindow
GetProcessWindowStation
GetWindowLongW
SendInput
DrawIconEx
UpdateWindow
DestroyIcon
SetTimer
GetFocus
KillTimer
IsWindow
CloseWindowStation
OpenInputDesktop
SetCursor
ExitWindowsEx
InflateRect
GetSysColor
GetDC
GetParent
ScreenToClient
DrawStateW
GetWindowDC
OffsetRect
SystemParametersInfoW
GetWindow
GetUserObjectSecurity
GetIconInfo
GetWindowRect
GetClientRect
CopyRect
SendMessageW
SetUserObjectSecurity
LoadIconW
EnableMenuItem
LoadCursorW
SetRect
EqualRect
SetProcessWindowStation
DrawFocusRect
TrackMouseEvent
LoadStringW
LoadImageW

msvcrt

_adj_fdivr_m16i
getwchar
_winmajor
__wgetmainargs
ungetc
_mbsspn
_wenviron
__dllonexit
_mbscmp
getc
_spawnvpe
_ismbcdigit
wcsrchr
__mb_cur_max
raise
malloc
__p__winminor
_wexeclpe
_wcserror
_iob
_Getmonths
_osver
__p__commode
_mbsncmp

kernel32

CreateThread
CloseHandle
WaitForSingleObject
FindResourceW
LoadLibraryA
SetUnhandledExceptionFilter
RemoveDirectoryW
GetModuleHandleA
GetSystemTimeAsFileTime
SizeofResource
ProcessIdToSessionId
VirtualFree
IsDebuggerPresent
IsProcessorFeaturePresent
InterlockedExchange
GlobalFree
LockResource
VerSetConditionMask
GetModuleHandleW
HeapSize
SetLastError
GetVersionExW
VirtualAlloc
HeapFree
MulDiv
UnhandledExceptionFilter
QueryPerformanceCounter
HeapSetInformation
CreateEventW
TerminateProcess
GetFileAttributesW
GetCurrentProcess
HeapReAlloc
SetEvent
GetTickCount
OpenProcess
GlobalLock
CreateDirectoryW
ExitProcess
GetCommandLineW
HeapDestroy
LoadResource
GetProcAddress
FreeLibrary
GlobalAlloc
GetLastError
WaitForMultipleObjects
GlobalUnlock
GetProcessHeap
GetStartupInfoW
VerifyVersionInfoW
OutputDebugStringW
Sleep
HeapAlloc
InterlockedCompareExchange
OpenThread
SetProcessShutdownParameters

gdi32

RealizePalette
StretchBlt
CreateFontIndirectW
RoundRect
GetDeviceCaps
CreatePen
PatBlt
CreateCompatibleBitmap
GetObjectW
GetDIBColorTable
GetPixel
GetTextExtentPoint32W
CreateCompatibleDC
CreateSolidBrush
CreatePalette
SelectObject
DeleteObject
CreateHalftonePalette
CreatePatternBrush
BitBlt
SetPixel

shell32

CommandLineToArgvW

advapi32

FreeSid
RegQueryValueExW
DuplicateTokenEx
CopySid
ImpersonateLoggedOnUser
InitializeSecurityDescriptor
GetAce
LookupPrivilegeValueW
RegCloseKey
AddAccessAllowedAce
CreateProcessAsUserW
RegOpenKeyExW
GetTokenInformation
GetLengthSid
EqualSid
AllocateAndInitializeSid
OpenProcessToken
AddAce
AdjustTokenPrivileges
SetSecurityDescriptorDacl
InitializeAcl
RevertToSelf
GetSecurityDescriptorDacl
GetAclInformation

comctl32

_TrackMouseEvent

Sections

.text
Size: 168KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a016e545ad124b6d84451604ea1587a0

Headers

File Characteristics

Imports

user32

msvcrt

kernel32

gdi32

shell32

advapi32

comctl32

Sections

.text Size: 168KB - Virtual size: 172KB

.data Size: 52KB - Virtual size: 52KB

.rdata Size: 33KB - Virtual size: 33KB

.bss Size: - Virtual size: 6KB

.idata Size: 8KB - Virtual size: 8KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 168KB - Virtual size: 172KB

.data
Size: 52KB - Virtual size: 52KB

.rdata
Size: 33KB - Virtual size: 33KB

.bss
Size: - Virtual size: 6KB

.idata
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 3KB - Virtual size: 3KB