84edb700a28503a0dedff0b624fe6f49ce034dfc924dc3ab9b3027eb1db4ce2c

Sharing

Copy URL

Twitter E-mail

General

Target

84edb700a28503a0dedff0b624fe6f49ce034dfc924dc3ab9b3027eb1db4ce2c
Size

300KB
MD5

22c1e4622fde4d644999d9ce4418fdd0
SHA1

c937a5a99eeea149beaaed2c2925d5258bca6835
SHA256

84edb700a28503a0dedff0b624fe6f49ce034dfc924dc3ab9b3027eb1db4ce2c
SHA512

e057f18cea9aec4eed4464b4873861505d42b59733f2a47e5923e66f47c0e757424ff0b55fea508ce993fe984d0113af71034874e7f1c1af3888d852834faff9
SSDEEP

6144:jpP5VkgF4vBu1NE2s6XiwY9vSHtwZ3p94DZkD3fJ:7SOgBETTXe8HU94DEf

Score

N/A

Malware Config

Signatures

Files

84edb700a28503a0dedff0b624fe6f49ce034dfc924dc3ab9b3027eb1db4ce2c
.exe windows x86

e6777947981e5f0a3b627fbd1c64cb25

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
MoveFileExA
GetVersionExA
EnumResourceNamesW
LocalReAlloc
ExitProcess
SetConsoleCursorPosition
SetTimeZoneInformation
GenerateConsoleCtrlEvent
ReadFile
GetEnvironmentStringsW
FormatMessageW
SetCommTimeouts
WriteProcessMemory
GetConsoleMode
RaiseException
GetUserDefaultLangID
DebugBreak
GetCommandLineA
lstrlenA
VirtualAlloc
CancelIo

user32

LockWindowUpdate
ShowScrollBar
GetWindowLongA
GetWindowTextLengthA
CharNextW
SetWindowsHookW
CloseWindowStation
DialogBoxIndirectParamA
DrawTextExW
IsCharAlphaA
DefFrameProcW
GetUserObjectInformationA
MapVirtualKeyExW

gdi32

PolyBezierTo
CreateICW
ModifyWorldTransform
ResizePalette
PlayMetaFile
GetCharWidth32W
PtInRegion

comdlg32

PrintDlgW
ChooseColorA
ReplaceTextW
GetSaveFileNameW

advapi32

GetCurrentHwProfileW
StartServiceCtrlDispatcherW
LookupAccountSidA
OpenServiceA
ObjectDeleteAuditAlarmW
ClearEventLogW
AddAccessDeniedAce
LogonUserW
GetFileSecurityA
RegSetValueExW
SetFileSecurityA
SetNamedSecurityInfoW
QueryServiceConfigW
InitializeSid
CloseServiceHandle
RegQueryValueW
ReportEventA
InitializeSecurityDescriptor
ReportEventW
GetFileSecurityW
InitializeAcl
InitiateSystemShutdownA
GetUserNameW
CryptSetKeyParam
DeleteService
LogonUserA
CryptImportKey
CryptGenRandom
ObjectCloseAuditAlarmW
CryptGenKey
SetServiceObjectSecurity
CryptDecrypt
CryptReleaseContext
CryptGetKeyParam
CryptAcquireContextA
NotifyBootConfigStatus
DeregisterEventSource
SetKernelObjectSecurity
RegSetValueExA
RegUnLoadKeyA

shell32

ShellExecuteA
ExtractIconExW
SHGetSettings
DragQueryPoint

comctl32

ImageList_SetImageCount
ImageList_DragEnter

shlwapi

PathRemoveFileSpecW
PathFindNextComponentW
StrRChrW
SHRegCreateUSKeyW
PathQuoteSpacesW
PathStripPathW
PathFindFileNameW
SHAutoComplete
SHRegCloseUSKey
UrlIsW
PathStripPathA
PathIsUNCA
SHRegOpenUSKeyW
PathIsUNCW

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 288KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e6777947981e5f0a3b627fbd1c64cb25

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

comctl32

shlwapi

Sections

.text Size: 4KB - Virtual size: 2KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 288KB - Virtual size: 285KB

.text
Size: 4KB - Virtual size: 2KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 288KB - Virtual size: 285KB