ec20dc38ee03142fa81cedafe1f441573bb55b36db9a095f34384d2402622dbe

Sharing

Copy URL Twitter E-mail

General

Target

ec20dc38ee03142fa81cedafe1f441573bb55b36db9a095f34384d2402622dbe
Size

261KB
MD5

40020c8fc1fab2e29d823a7b227a3130
SHA1

5d7b595308badda72a819d3de112c929b4f70f3b
SHA256

ec20dc38ee03142fa81cedafe1f441573bb55b36db9a095f34384d2402622dbe
SHA512

dfa358de3dfbe42c9a24ec512ff5df7be9edb9ea7b1518490e28f676a93a802ce3aea41946dff9d4f080220b4436fd820bfe6f986f7db7ef56acdcacc258120d
SSDEEP

6144:srUbRr2lV/yLNSh4moyfeAvIIOdo9tv7ujRw9mB:srUp2u+z6Alv7pmB

Score

N/A

Malware Config

Signatures

Files

ec20dc38ee03142fa81cedafe1f441573bb55b36db9a095f34384d2402622dbe
.exe windows x86

d047103e41d3ef6641e5a58f69b8ca81

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
GetCurrentProcessId
GetProcAddress
GetFileAttributesW
SetFileAttributesW
SetFilePointer
ReadFile
CreateFileW
GetFileAttributesExW
SetEndOfFile
CloseHandle
DeleteFileW
WriteFile
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
ExpandEnvironmentStringsW
LoadLibraryA
GetVersionExW
FreeLibrary
GetComputerNameW
GetModuleHandleW
GetFileSizeEx
UnmapViewOfFile
GetLastError
CreateFileMappingW
MapViewOfFile
FlushFileBuffers
CreateFileA
WriteConsoleW
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
Sleep
HeapSize
VirtualAlloc
HeapReAlloc
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW

ole32

CoTaskMemFree
OleInitialize
OleUninitialize

Exports

Exports

CheckFile
GetConfigValue
Term

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 150KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d047103e41d3ef6641e5a58f69b8ca81

Headers

File Characteristics

Imports

kernel32

shell32

ole32

Exports

Exports

Sections

.text Size: 82KB - Virtual size: 81KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 12KB

.rsrc Size: 150KB - Virtual size: 152KB

.text
Size: 82KB - Virtual size: 81KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 150KB - Virtual size: 152KB