e8ed3e69cff70972f2e93ba2660ccf7bd184cece30e1640deaa933250ea38643

Sharing

Copy URL Twitter E-mail

General

Target

e8ed3e69cff70972f2e93ba2660ccf7bd184cece30e1640deaa933250ea38643
Size

766KB
MD5

0e6904fd5d015b4651106c37c457e140
SHA1

077896c2d870249df8a1aa2201be1e0d4d040d17
SHA256

e8ed3e69cff70972f2e93ba2660ccf7bd184cece30e1640deaa933250ea38643
SHA512

b750a920cc3ef5b2bae418c1b70c8ddd2540abab5401b012f5b54d3733fa2dcc7331c0e01bbb673a7f5add03c7f63a91737633ad34c4b9e4e55b99e54e8a1ea6
SSDEEP

6144:BrLYJZfQ1Zyz2sG4C2bd6VtkPCPLXIfI3kEGw9zmUw5+R7LhNL:JYJVQP82sG4C2bdpPCD4pEZHh

Score

N/A

Malware Config

Signatures

Files

e8ed3e69cff70972f2e93ba2660ccf7bd184cece30e1640deaa933250ea38643
.exe windows x86

080542cc29782424a3e5b7dabeea9e81

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetACP
GetCPInfo
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
InitializeCriticalSection
InterlockedExchange
LCMapStringA
FindNextFileW
LeaveCriticalSection
LoadLibraryA
LocalAlloc
LocalFree
LocalReAlloc
MultiByteToWideChar
OpenEventW
QueryPerformanceCounter
ResumeThread
RtlUnwind
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetProcessShutdownParameters
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpiW
lstrcpyW
lstrlenW
LoadLibraryW
VirtualAllocEx
GetDriveTypeW
FindNextChangeNotification
FindFirstFileW
FindFirstChangeNotificationW
FindCloseChangeNotification
FindClose
ExpandEnvironmentStringsW
ExitThread
ExitProcess
EnterCriticalSection
CreateThread
CreateEventW
CompareStringW
LCMapStringW
CloseHandle

user32

LoadIconW
LoadImageW
LoadStringW
MessageBoxW
PostMessageW
PostQuitMessage
RegisterClassW
SendDlgItemMessageW
SendMessageW
SetDlgItemTextW
SetForegroundWindow
SetTimer
SetWindowPos
TranslateMessage
KillTimer
GetWindowRect
GetWindowLongW
GetSystemMetrics
GetParent
GetMessageW
GetDlgItem
GetDesktopWindow
GetClientRect
EndDialog
DispatchMessageW
DialogBoxParamW
DefWindowProcW
CreateWindowExW
CheckDlgButton
LoadCursorA
IsDlgButtonChecked

gdi32

GetEnhMetaFileW
CreateHalftonePalette
GetEnhMetaFileA

advapi32

RegNotifyChangeKeyValue
RegQueryValueExA
RegOpenKeyA
GetAce
GetSecurityInfo
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
SetSecurityInfo

shell32

Shell_NotifyIconW

Sections

.text
Size: 739KB - Virtual size: 739KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

080542cc29782424a3e5b7dabeea9e81

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 739KB - Virtual size: 739KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 20KB - Virtual size: 20KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 739KB - Virtual size: 739KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 1KB - Virtual size: 1KB