e0614ad1710607adf8cdb62d45c15e95b1e19e895c391e3f2d1e20f47037452b

Sharing

Copy URL

Twitter E-mail

General

Target

e0614ad1710607adf8cdb62d45c15e95b1e19e895c391e3f2d1e20f47037452b
Size

137KB
MD5

2bae4b414dc1207afb62d5aef2e06ae3
SHA1

630bf52862c56aa20b3eaf9c056e57a9dd887ab2
SHA256

e0614ad1710607adf8cdb62d45c15e95b1e19e895c391e3f2d1e20f47037452b
SHA512

143f7c2f7a218a2b3f42e1bc5015e97c2e952d3792f1fd0965071bd3e7c29a690c29a5fc84c45dcd9fb149669fc716c8381b819f7526710773e91e8921f31e59
SSDEEP

3072:9y2AdZSA3VOOlHPvrYLBT8zqE9r9ybrSEsUwq75:9y2AdZSUVOoH7oBTamN5

Score

N/A

Malware Config

Signatures

Files

e0614ad1710607adf8cdb62d45c15e95b1e19e895c391e3f2d1e20f47037452b
.exe windows x86

1f0d648a9c91629b068dfedf8221fa7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
GetModuleFileNameW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
CloseHandle
WaitForSingleObject
Sleep
EnterCriticalSection
CreateEventW
GetCurrentThreadId
SetEvent
GetCommandLineW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedDecrement
InterlockedIncrement
lstrcmpiW
GetLastError
DeleteCriticalSection
InitializeCriticalSection
RaiseException
CreateThread
lstrlenW
GetCurrentProcess
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange

user32

UnregisterClassA
TranslateMessage
DispatchMessageW
GetMessageW
PostThreadMessageW
CharUpperW
CharNextW

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW

ole32

CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoInitialize
CoUninitialize
CoRevokeClassObject
CoRegisterClassObject
StringFromGUID2
CoTaskMemRealloc

oleaut32

RegisterTypeLi
UnRegisterTypeLi
SysAllocString
LoadTypeLi
LoadRegTypeLi
SysStringLen
VarUI4FromStr
SysFreeString

msvcr80

_controlfp_s
_invoke_watson
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
??3@YAXPAX@Z
malloc
free
memcpy_s
_CxxThrowException
wcsncpy_s
??_V@YAXPAX@Z
__CxxFrameHandler3
_recalloc
??_U@YAPAXI@Z
memset
??2@YAPAXI@Z
wcscpy_s
wcscat_s
_except_handler4_common
?terminate@@YAXXZ
_unlock
_encode_pointer
__dllonexit
_lock
_onexit
_decode_pointer
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale

rpcrt4

NdrStubForwardingFunction
NdrOleFree
NdrOleAllocate
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
NdrCStdStubBuffer_Release
NdrCStdStubBuffer2_Release
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_CountRefs
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Invoke
CStdStubBuffer_Disconnect
CStdStubBuffer_Connect
CStdStubBuffer_AddRef
CStdStubBuffer_QueryInterface

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 4KB - Virtual size: 539B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.morpc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1f0d648a9c91629b068dfedf8221fa7f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

msvcr80

rpcrt4

Sections

.text Size: 28KB - Virtual size: 24KB

.orpc Size: 4KB - Virtual size: 539B

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 8KB - Virtual size: 4KB

.morpc Size: 72KB - Virtual size: 72KB

.text
Size: 28KB - Virtual size: 24KB

.orpc
Size: 4KB - Virtual size: 539B

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 8KB - Virtual size: 4KB

.morpc
Size: 72KB - Virtual size: 72KB