e8b1d836ab091415710b9539c82776e0709a3bbe3c3cc12b3acc61456943e85d

Sharing

Copy URL Twitter E-mail

General

Target

e8b1d836ab091415710b9539c82776e0709a3bbe3c3cc12b3acc61456943e85d
Size

205KB
MD5

0dfa16f709ddc99d8762b60759e99cf0
SHA1

855afc31af94fd2182d0a56cab791e4af7b438e1
SHA256

e8b1d836ab091415710b9539c82776e0709a3bbe3c3cc12b3acc61456943e85d
SHA512

7d102a3f147b2c0a8c8a44ca46931217614bc52fd0d0c3a8d8c361e601467593acf32d3ee48e716c474790f6f9f3213aee5ddd2f251e61c009ed5631be708124
SSDEEP

3072:SdHORKhZbZ58WdIgjXJtXxiXG0lLCE0/aI86nd7Stb/JmV:SR5bs6dSlmE0W4de5YV

Score

N/A

Malware Config

Signatures

Files

e8b1d836ab091415710b9539c82776e0709a3bbe3c3cc12b3acc61456943e85d
.exe windows x86

244706aca72c798aa6cdf44910126869

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shlwapi

PathFileExistsW

imm32

ImmInstallIMEW

kernel32

GetFileTime
WideCharToMultiByte
MoveFileExW
DeleteFileW
CopyFileW
GetSystemDirectoryW
QueryPerformanceCounter
GetVersionExW
CreateDirectoryW
WritePrivateProfileStringW
GetPrivateProfileStringW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
QueryPerformanceFrequency
Sleep
MultiByteToWideChar
GetTickCount
CreateProcessW
GetLastError
ReadFile
CreateFileW
SetUnhandledExceptionFilter
ReleaseMutex
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
InitializeCriticalSection
LoadLibraryA
HeapReAlloc
VirtualAlloc
GetConsoleMode
GetConsoleCP
SetFilePointer
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetCurrentThreadId
GetCurrentProcessId
CloseHandle
FreeLibrary
LoadLibraryW
GetProcAddress
GetCurrentProcess
CreateMutexW
GetModuleFileNameW
WriteConsoleW
CreateFileA
FlushFileBuffers
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
MoveFileW
GetSystemTimeAsFileTime
InterlockedIncrement
InterlockedDecrement
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
WriteFile
GetStdHandle
GetModuleFileNameA
HeapSize
ExitProcess
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLocaleInfoA

user32

EnumDisplayMonitors
GetMonitorInfoW
SystemParametersInfoW
FindWindowW
GetDesktopWindow
GetWindowRect
UnloadKeyboardLayout
LoadKeyboardLayoutW
MessageBoxW

advapi32

RegDeleteValueW
RegEnumValueW
RegEnumKeyExW
RegSetValueExW
RegCreateKeyW
RegDeleteKeyW
RegOpenKeyExW
RegEnumKeyW
RegOpenKeyW
RegQueryValueExW
RegCloseKey

shell32

ShellExecuteW
ShellExecuteExW
SHGetSpecialFolderPathW

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

244706aca72c798aa6cdf44910126869

Headers

File Characteristics

Imports

version

shlwapi

imm32

kernel32

user32

advapi32

shell32

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 88KB - Virtual size: 88KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 88KB - Virtual size: 88KB