ee1dedf99bcc8540e842a6dc6a1dc3b32fe67e97b260c382263f49397d0625ba

Sharing

Copy URL

Twitter E-mail

General

Target

ee1dedf99bcc8540e842a6dc6a1dc3b32fe67e97b260c382263f49397d0625ba
Size

78KB
MD5

042207160f56fb5435a26c8e7f0cdf06
SHA1

d1cf9b017885dbd352059a95fc92ce4836c49cb3
SHA256

ee1dedf99bcc8540e842a6dc6a1dc3b32fe67e97b260c382263f49397d0625ba
SHA512

d22ba14fcf363a724ece0023066f530681a90babb45785a2eaefc3a8f9b8fa5f5dcba750e4dd73e01d4410d2e7f2c7052fb6ad278b71684331ba77de2113d1ef
SSDEEP

1536:OyY9d8nW7n7vHIrX9MRuvyp4NYpAdKfHb2A/YJu5ztoAcR5lby1U59NuM:D2d37nzHIJMA+AUHbz/Yw5RORXNL

Score

N/A

Malware Config

Signatures

Files

ee1dedf99bcc8540e842a6dc6a1dc3b32fe67e97b260c382263f49397d0625ba
.exe windows x86

f5dd1f28adcfb50abb197318fa383000

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

fflush
__p__commode
memset
__set_app_type
calloc
__p___initenv
fputc
_adjust_fdiv
signal
__p__fmode
__getmainargs
strchr
__setusermatherr
fputs
getenv
_XcptFilter
fread
atexit
_exit
_initterm
free
_errno
_except_handler3
_iob
_write
atoi
_controlfp

kernel32

GetConsoleOutputCP
GlobalFree
GetCommandLineW
DuplicateHandle
LocalAlloc
GetCurrentProcess
GlobalAlloc
VirtualProtectEx
GetModuleFileNameA
RemoveDirectoryA
IsBadWritePtr
GetProcAddress
GetTickCount
GetModuleHandleW
GetProcessHeap
SetEnvironmentVariableA
GetModuleHandleA

user32

LoadStringA
TrackPopupMenu
EnableWindow
UnhookWindowsHookEx
GetWindowThreadProcessId
GetSystemMetrics
GetWindowLongA
SetTimer
ScrollWindow
DestroyMenu
SetWindowPos
ShowWindow
LoadCursorA

ole32

CreateStreamOnHGlobal
OleGetClipboard
GetRunningObjectTable
OleIsCurrentClipboard
StgCreateDocfileOnILockBytes
RegisterDragDrop
CoCreateGuid
StringFromCLSID
CoSetProxyBlanket

comctl32

ImageList_GetIconSize
ImageList_Read
ImageList_GetImageInfo
CreateToolbarEx
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_GetImageCount
CreatePropertySheetPageW
ImageList_SetImageCount
PropertySheetA
ImageList_Remove
DestroyPropertySheetPage

gdi32

CreateFontW
GetPixel
GetCurrentObject
ExtTextOutA
CreateDCW
CreateDIBitmap
PatBlt
CreatePatternBrush
StretchBlt
ExtCreateRegion
GetTextCharsetInfo
RectVisible
CopyMetaFileW
DeleteObject
GetTextExtentPoint32A

advapi32

RegQueryValueA
GetLengthSid
QueryServiceStatus
GetSecurityDescriptorDacl
SetSecurityDescriptorDacl
GetTokenInformation
CryptAcquireContextA
GetUserNameA
RegDeleteValueA
CryptHashData
OpenSCManagerW
OpenServiceW
InitiateSystemShutdownA
RegEnumKeyExW
LookupPrivilegeValueW
OpenSCManagerA
RegDeleteKeyW
RegOpenKeyExW

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f5dd1f28adcfb50abb197318fa383000

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

ole32

comctl32

gdi32

advapi32

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 63KB

.rsrc Size: 6KB - Virtual size: 80KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 63KB

.rsrc
Size: 6KB - Virtual size: 80KB