7f052c2772391b32dcd0af09b448c31a3ed06ace6aef8477ba201136b51cc568

Sharing

Copy URL Twitter E-mail

General

Target

7f052c2772391b32dcd0af09b448c31a3ed06ace6aef8477ba201136b51cc568
Size

85KB
MD5

e020db94cfcc08221eb8c14a813eabfa
SHA1

e383c14da943c3860326f3cdc6ef5a53b99261c0
SHA256

7f052c2772391b32dcd0af09b448c31a3ed06ace6aef8477ba201136b51cc568
SHA512

8dde4c1104cded2b96b3f962cece5d394af95b1f9789b821d4ea5dc2465252ca55cc291c0c94b363a13fb10e2edfbe6933b887d3d12ad64790cc60a6129da1df
SSDEEP

1536:yeBnaqhc+LDdpGLD+SearwQ9DyZwnstS5hgKSEY6qFIrAij6Tln:yQnZpGLC4DyWnstegKSEDgIsieF

Score

N/A

Malware Config

Signatures

Files

7f052c2772391b32dcd0af09b448c31a3ed06ace6aef8477ba201136b51cc568
.exe windows x86

e0ff758f606ef6cd7a3d593199863762

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetTraceEnableLevel
GetTraceLoggerHandle
RegisterTraceGuidsW
TraceMessage
GetTraceEnableFlags

kernel32

CompareStringW
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
GetStdHandle
LocalFree
SetThreadUILanguage
HeapSetInformation
GetLastError
WriteFile
CloseHandle
CreateFileW
LocalFileTimeToFileTime
SystemTimeToFileTime
FreeLibrary
LoadLibraryExW
ExpandEnvironmentStringsW
FormatMessageW
GetConsoleOutputCP
WriteConsoleW
GetConsoleMode
GetFileType
GetModuleHandleW
InterlockedExchange
Sleep
InterlockedCompareExchange
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
WideCharToMultiByte
GetFullPathNameW
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
OutputDebugStringA

msvcrt

__wgetmainargs
malloc
memmove_s
memcpy_s
_CxxThrowException
_vsnwprintf
_callnewh
free
?what@exception@@UBEPBDXZ
_cexit
fgetwc
_wcsicmp
iswspace
_errno
wcstoul
memset
swscanf
setlocale
??0exception@@QAE@ABV0@@Z
_XcptFilter
_exit
_controlfp
_except_handler4_common
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
exit
_adjust_fdiv
__setusermatherr
_amsg_exit
wprintf
_initterm
??0exception@@QAE@XZ
??1exception@@UAE@XZ
_iob
fwprintf
_purecall
__CxxFrameHandler3
__p__commode

oleaut32

SysFreeString
SysStringLen
VariantClear
SysAllocString

ole32

CoUninitialize
CoCreateInstance
CoInitialize

credui

CredUICmdLinePromptForCredentialsW

wecapi

EcSaveSubscription
EcInsertObjectArrayElement
EcRemoveObjectArrayElement
EcSetObjectArrayProperty
EcSetSubscriptionProperty
EcRetrySubscription
EcDeleteSubscription
EcOpenSubscription
EcGetObjectArraySize
EcOpenSubscriptionEnum
EcClose
EcEnumNextSubscription
EcGetSubscriptionRunTimeStatus
EcGetObjectArrayProperty
EcGetSubscriptionProperty
EcQuickConfig

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e0ff758f606ef6cd7a3d593199863762

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

msvcrt

oleaut32

ole32

credui

wecapi

Sections

.text Size: 60KB - Virtual size: 60KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 20KB - Virtual size: 23KB

.text
Size: 60KB - Virtual size: 60KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 20KB - Virtual size: 23KB