eaa1dc61c881e204472b401d5a5c3c6c0a0e358d05de5d5d7d7ece7bbe7c1414

General

Target

eaa1dc61c881e204472b401d5a5c3c6c0a0e358d05de5d5d7d7ece7bbe7c1414
Size

539KB
MD5

b86f068ae1b1c2d900a9216b83bea81d
SHA1

7e8c8da2d1afdaf30a5c14cc462e6420ae22fa17
SHA256

eaa1dc61c881e204472b401d5a5c3c6c0a0e358d05de5d5d7d7ece7bbe7c1414
SHA512

ab493c954da7ce645c0468bdee336c133524bf8424fb21fb698612df93814067b74a99dcfe0077e7d53689898b8f49ad43505d7a311defe8d46b39d53e2ae792
SSDEEP

12288:+AyLOa0bpTxFLhzSMZOwMMOnt4wzqs2T/S4KrvTKtC26:e/0VLo4Ow5Onmwehk/KtC26

Score

N/A

Malware Config

Signatures

Files

eaa1dc61c881e204472b401d5a5c3c6c0a0e358d05de5d5d7d7ece7bbe7c1414
.exe windows x86

49d007634ff19b49b8f0f46bf2a566cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
ShowWindowAsync
GetClientRect
SetWindowPlacement
AdjustWindowRect
GetWindowPlacement
IsWindow
CloseWindow
DeferWindowPos
GetTopWindow

gdi32

EndPage
BitBlt
CloseEnhMetaFile
GetBkMode
GetAspectRatioFilterEx
FillRgn
Escape
EqualRgn
CreateFontA
AbortDoc
CreateCompatibleDC

advapi32

RegQueryValueA
ClearEventLogW
RegQueryInfoKeyA
RegisterEventSourceA
OpenEventLogA
RegSetValueExA
PrivilegeCheck
RegOpenKeyA
RegCreateKeyA

shlwapi

PathRemoveFileSpecA
SHQueryValueExA
StrRStrIA
PathIsSameRootW
PathRenameExtensionW

kernel32

GetPrivateProfileStringA
GetPrivateProfileStructA
GetModuleHandleA
GetProcAddress
VirtualAllocEx
GetStartupInfoA

wsnmp32

ord301
ord204
ord906
ord602
ord206
ord101
ord605
ord201
ord600
ord102
ord203
ord200
ord107

odbc32

ord60

msvcrt

_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 503KB - Virtual size: 502KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49d007634ff19b49b8f0f46bf2a566cb

Headers

File Characteristics

Imports

user32

gdi32

advapi32

shlwapi

kernel32

wsnmp32

odbc32

msvcrt

Sections

.text Size: 503KB - Virtual size: 502KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 298KB

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 503KB - Virtual size: 502KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 298KB

.rsrc
Size: 32KB - Virtual size: 32KB