ee173d7846a408d42b84f352dabd0ed111ad097065926ba57d2c09c6ad29f423

Sharing

Copy URL Twitter E-mail

General

Target

ee173d7846a408d42b84f352dabd0ed111ad097065926ba57d2c09c6ad29f423
Size

566KB
MD5

9834e3a9dd77cc09f02e687b3e40b5e4
SHA1

db277d077ec430302454f42a7c56d4e934bacecd
SHA256

ee173d7846a408d42b84f352dabd0ed111ad097065926ba57d2c09c6ad29f423
SHA512

9c69c6054913a7efd11c35402a7e942332237323bb3e7a234a4d638bed6b37d6e8b3ea900c4be0879edb2f4812a4f6bff22dd2ec4b7c0a56eadfd9d90d2ebae8
SSDEEP

6144:WGaD+7RYVXexbFj/OQkU7gDhwqgQIsufypb1YnO3rK5Q2Q0HqKo6RPSjiRIfe5R1:6+7RYV8FX7WwOIleBcfSEUjN6jJdi05

Score

N/A

Malware Config

Signatures

Files

ee173d7846a408d42b84f352dabd0ed111ad097065926ba57d2c09c6ad29f423
.exe windows x86

2f11270ecb8e3c35653a9d054fc2a877

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LookupAccountNameA
RevertToSelf
RegReplaceKeyA
RegConnectRegistryW
CryptHashData
CreateServiceA
RegOpenKeyExA
RegEnumKeyA
RegLoadKeyA

kernel32

GetStringTypeA
LoadLibraryA
InitializeCriticalSection
IsBadWritePtr
GetStartupInfoA
GetCommandLineW
TlsAlloc
GetEnvironmentStrings
GetCurrentProcess
GetCurrentThreadId
HeapCreate
ReadFile
CompareStringW
CreateMutexA
HeapAlloc
InterlockedIncrement
SetConsoleWindowInfo
GetStringTypeW
VirtualFree
SetEnvironmentVariableA
GetLastError
SetFilePointer
CompareStringA
GetStdHandle
GetEnvironmentStringsW
LCMapStringA
HeapFree
GetCurrentProcessId
SetStdHandle
GetProcAddress
EnterCriticalSection
TlsFree
HeapDestroy
TerminateProcess
GetModuleFileNameW
UnhandledExceptionFilter
GetCommandLineA
SetHandleCount
InterlockedExchange
GetSystemTimeAsFileTime
VirtualAlloc
RtlUnwind
TlsSetValue
CloseHandle
GetLocalTime
GetStartupInfoW
SetLastError
GetTickCount
ExitThread
GetCurrentThread
LCMapStringW
TlsGetValue
GetModuleFileNameA
ExitProcess
HeapReAlloc
DeleteCriticalSection
InterlockedDecrement
WriteFile
GetVersion
LeaveCriticalSection
GetFileType
MultiByteToWideChar
FreeEnvironmentStringsA
OpenMutexA
GetTimeZoneInformation
VirtualQuery
GetSystemTime
FlushFileBuffers
WideCharToMultiByte
QueryPerformanceCounter
FreeEnvironmentStringsW
GetCPInfo
GetModuleHandleA

comctl32

CreateUpDownControl
ImageList_ReplaceIcon
ImageList_DrawEx
CreateMappedBitmap
CreateStatusWindowW
CreateToolbarEx
ImageList_GetImageRect
ImageList_Destroy
ImageList_SetImageCount
ImageList_GetImageInfo
ImageList_GetBkColor
CreateStatusWindowA
ImageList_DrawIndirect
ImageList_GetIcon
ImageList_Add
InitCommonControlsEx
ImageList_GetDragImage
ImageList_LoadImageW

user32

LoadStringW
RegisterClassA
ShowWindow
RegisterClassExA
DdeGetData
IntersectRect
MessageBoxA
UnloadKeyboardLayout
CreateWindowExW
TabbedTextOutW
GetListBoxInfo
ArrangeIconicWindows
GetCursor
TranslateAcceleratorW
SetCursor
SetCaretBlinkTime
GetInputState
SetForegroundWindow
AppendMenuW
PostMessageW

Sections

.text
Size: 325KB - Virtual size: 325KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f11270ecb8e3c35653a9d054fc2a877

Headers

File Characteristics

Imports

advapi32

kernel32

comctl32

user32

Sections

.text Size: 325KB - Virtual size: 325KB

.rdata Size: 57KB - Virtual size: 68KB

.data Size: 111KB - Virtual size: 111KB

.rsrc Size: 71KB - Virtual size: 70KB

.text
Size: 325KB - Virtual size: 325KB

.rdata
Size: 57KB - Virtual size: 68KB

.data
Size: 111KB - Virtual size: 111KB

.rsrc
Size: 71KB - Virtual size: 70KB