5ea1d563443449f9f62341c649502448a2ae06fdf1be44ea650c34cba5689762

Sharing

Copy URL Twitter E-mail

General

Target

5ea1d563443449f9f62341c649502448a2ae06fdf1be44ea650c34cba5689762
Size

311KB
MD5

17c09622ee30a9d05f72b6690d0b9b0a
SHA1

9f98b8a333c41233b3f4ae6f58c56de5ffcd5bcc
SHA256

5ea1d563443449f9f62341c649502448a2ae06fdf1be44ea650c34cba5689762
SHA512

72cbba8368fa6f424c5292a22ed4c86f49381538c2c3a7512d78685fbd38cf9112dac563e552a5b46e61d6e5e223b00b5544b0dc9977fb3dd6e3c661a4b2bdd1
SSDEEP

6144:E6Q12cqk4zeN+lYbjGzDS8obDjg1XrMsk5WbxOK5QnCX3mGWa:O2K9yDObDU1r3k0dyCdN

Score

N/A

Malware Config

Signatures

Files

5ea1d563443449f9f62341c649502448a2ae06fdf1be44ea650c34cba5689762
.exe windows x86

ae7819ae5dc8d953be476811a9ba6215

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
ConvertThreadToFiber
CreateFiber
CreateFileA
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FindNextVolumeW
FlushViewOfFile
GetACP
GetCPInfo
GetCommandLineA
GetCurrentThreadId
GetEnvironmentStrings
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetNumberFormatW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultLangID
GetSystemDirectoryW
GetUserDefaultLCID
GetVersion
GetVersionExA
GlobalMemoryStatus
HeapAlloc
HeapFree
InitializeCriticalSection
IsValidLocale
LCMapStringA
LeaveCriticalSection
LoadLibraryA
MapViewOfFileEx
MultiByteToWideChar
RaiseException
ReadFile
RegisterWaitForSingleObject
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
SetLastError
SetThreadLocale
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WideCharToMultiByte
WriteFile
_lclose

gdi32

AbortDoc
BeginPath
BitBlt
ChoosePixelFormat
Chord
ColorCorrectPalette
CreateColorSpaceA
CreateColorSpaceW

user32

EnumThreadWindows
MessageBoxA
wsprintfA

ole32

CoLoadLibrary
CoMarshalInterface
CoRegisterMallocSpy
CoResumeClassObjects
MkParseDisplayName
MonikerRelativePathTo
OleCreateLinkEx
OleMetafilePictFromIconAndLabel
OleRun
ProgIDFromCLSID
ReadClassStm
StgCreateDocfile

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 13KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 236KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xkmihej
Size: - Virtual size: 72KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ae7819ae5dc8d953be476811a9ba6215

Headers

File Characteristics

Imports

kernel32

gdi32

user32

ole32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 52KB

.data Size: 13KB - Virtual size: 28KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 236KB - Virtual size: 236KB

.reloc Size: 4KB - Virtual size: 32KB

xkmihej Size: - Virtual size: 72KB

.text
Size: 52KB - Virtual size: 52KB

.data
Size: 13KB - Virtual size: 28KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 236KB - Virtual size: 236KB

.reloc
Size: 4KB - Virtual size: 32KB

xkmihej
Size: - Virtual size: 72KB