e4ee90e4d6206e0929df4f0b123b0b9d6d5cff234f4747829727d72a6d91b7dd

Sharing

Copy URL Twitter E-mail

General

Target

e4ee90e4d6206e0929df4f0b123b0b9d6d5cff234f4747829727d72a6d91b7dd
Size

112KB
MD5

0d9ea85b8cd014bbc44d1198561608d2
SHA1

6208ead7c9585f941fe6d23eb322111c030caf42
SHA256

e4ee90e4d6206e0929df4f0b123b0b9d6d5cff234f4747829727d72a6d91b7dd
SHA512

74c5e225463d0e607c2e2ad5d9c3f4057639b6ff39f4cedbf7a1b0040aa95287e51979584390814507307fe40fd47017450bd67682fdc8ea8ee1abee815204fa
SSDEEP

3072:59vFq4PIBwC38qU8wCJgnN61ljkFrrlu3N8:XFqeI+CMqRwCCnN61eZrlud

Score

N/A

Malware Config

Signatures

Files

e4ee90e4d6206e0929df4f0b123b0b9d6d5cff234f4747829727d72a6d91b7dd
.exe windows x86

2b46a05ab8d0d6b5fd2dd65f3be2eb21

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetProcessHeap
FreeEnvironmentStringsA
FileTimeToSystemTime
GetModuleFileNameA
DeleteFileA
GetModuleHandleW
GetExitCodeProcess
lstrcmpiW
GetModuleHandleA
InterlockedIncrement
IsDebuggerPresent
GlobalAlloc
GetWindowsDirectoryA
SetHandleCount
lstrcmpiA
ExpandEnvironmentStringsA
GetTempPathA
LoadResource
CopyFileW
CompareFileTime
lstrcmpA
WritePrivateProfileStringA
LCMapStringW
FreeEnvironmentStringsW
GetConsoleOutputCP
GetUserDefaultLangID
GetThreadLocale
SetCurrentDirectoryA
GetTimeZoneInformation
GlobalUnlock
GetCurrentProcess
GetDateFormatA
GetDriveTypeA
VirtualQuery
SetUnhandledExceptionFilter
GetSystemTime
GetDiskFreeSpaceA
QueryPerformanceCounter
GetStartupInfoA
GetACP
MoveFileA
VirtualProtect
OpenProcess
GetVersion
FileTimeToLocalFileTime
GetTempPathW

msvcrt

_adjust_fdiv
__setusermatherr
__p__commode
__p__fmode
_exit
__getmainargs
_controlfp
__p___initenv
__set_app_type
_except_handler3
_initterm
_XcptFilter

advapi32

AllocateAndInitializeSid
GetTokenInformation
IsValidSid
CryptReleaseContext
SetSecurityDescriptorDacl
RegSetValueExW
AdjustTokenPrivileges
RegQueryValueExW
LookupPrivilegeValueW
RegOpenKeyExW
RegDeleteValueW
OpenServiceW
RegQueryValueExA
LookupPrivilegeValueA
DeregisterEventSource
OpenSCManagerW
AddAccessAllowedAce
RegDeleteValueA
OpenProcessToken
SetSecurityDescriptorGroup
CryptDestroyHash
RegDeleteKeyW
RegCloseKey
FreeSid
SetSecurityDescriptorOwner
CopySid
QueryServiceStatus
CryptHashData
OpenThreadToken
GetUserNameA
RegSetValueExA
EqualSid
InitializeAcl
ControlService
RegFlushKey
RegEnumKeyW
RegCreateKeyExW

user32

WinHelpA
SetCapture
SetWindowPos
SetRect
DeleteMenu
WaitMessage
TranslateMessage
CheckMenuItem
EndPaint
SetClassLongA
SetWindowPlacement
CloseClipboard
ShowWindow
GetWindowRect
InsertMenuA
GetWindowPlacement
DrawFrameControl
CreateWindowExA
GetSubMenu
SetScrollPos
InvalidateRect
GetKeyState
IsZoomed
IsWindow
DrawEdge
InsertMenuItemA
SetActiveWindow
SetWindowTextA
OpenClipboard
EnumWindows
GetMenuStringA
GetMessagePos
SetTimer
CreateMenu
GetClassInfoA
GetClientRect
PtInRect
SendMessageA
DefWindowProcA
GetMenuItemCount
CreatePopupMenu
SetScrollRange
SetCursor
GetActiveWindow
GetWindow
IsWindowEnabled
SetClipboardData
GetIconInfo

Sections

.text
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b46a05ab8d0d6b5fd2dd65f3be2eb21

Headers

File Characteristics

Imports

kernel32

msvcrt

advapi32

user32

Sections

.text Size: 1024B - Virtual size: 828B

.rdata Size: 55KB - Virtual size: 55KB

.data Size: 20KB - Virtual size: 20KB

.rsrc Size: 34KB - Virtual size: 34KB

.text
Size: 1024B - Virtual size: 828B

.rdata
Size: 55KB - Virtual size: 55KB

.data
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 34KB - Virtual size: 34KB