ec3f6be1936390ba2a52a10266851ece0c739495687b9f0eb1cdeadd251e88e3

General

Target

ec3f6be1936390ba2a52a10266851ece0c739495687b9f0eb1cdeadd251e88e3
Size

211KB
MD5

213e7770f4ba4c83b76cdcec943f0afe
SHA1

4e9f33cf0d0b30bbbfb0e715f1ca188e81a17c8d
SHA256

ec3f6be1936390ba2a52a10266851ece0c739495687b9f0eb1cdeadd251e88e3
SHA512

a500fad0cac14cc9633a5dae1572b2d4d7a6baeed38af178b288752e46ae2e52947700817d1a76cbb4c4c69e161a787f3229d92ff28701d7025e8c74cdf72a8a
SSDEEP

3072:YUtvMiHW4xJbFcF/Hkzk4jtq5JnZSx2vgufD/slt1kt+4+sNWZmLIXWJPMIDo:1R24xJb6/EvBKn0x2vg8kt1Y+TsNMWo

Score

N/A

Malware Config

Signatures

Files

ec3f6be1936390ba2a52a10266851ece0c739495687b9f0eb1cdeadd251e88e3
.exe windows x86

2da55d1e111a37c2e25bc408df85285d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
lstrcmpA
WideCharToMultiByte
CloseHandle
LoadLibraryW
MultiByteToWideChar
SetLastError
GetTickCount
FindResourceA
lstrcpyA
GetModuleHandleW
GetProcessHeap
QueryDosDeviceA
GetCurrentProcess
GetLocalTime
CreateFileA
GetVolumeInformationA
GetSystemTimeAsFileTime
DeviceIoControl
FreeResource
lstrlenA
GetEnvironmentStringsA
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
HeapAlloc
SystemTimeToFileTime
LockResource
LoadResource

osuninst

ProvideUiAlerts
GetUninstallImageSize
IsUninstallImageValid
RemoveUninstallImage

advapi32

RegQueryValueExA
RegOpenKeyW
RegOpenKeyExA
RegCloseKey
RegQueryValueExW

pautoenr

CertAutoEnrollment
CertAutoRemove

pdh

PdhAddCounterA
PdhAddCounterW
PdhAdd009CounterA
PdhBindInputDataSourceW
PdhBindInputDataSourceA
PdhBrowseCountersA

user32

CharNextA
wsprintfA

Sections

.text
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2da55d1e111a37c2e25bc408df85285d

Headers

File Characteristics

Imports

kernel32

osuninst

advapi32

pautoenr

pdh

user32

Sections

.text Size: 90KB - Virtual size: 90KB

.rdata Size: 77KB - Virtual size: 76KB

.data Size: 38KB - Virtual size: 6.1MB

.rsrc Size: 1024B - Virtual size: 996B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 90KB - Virtual size: 90KB

.rdata
Size: 77KB - Virtual size: 76KB

.data
Size: 38KB - Virtual size: 6.1MB

.rsrc
Size: 1024B - Virtual size: 996B

.reloc
Size: 2KB - Virtual size: 2KB