e0dbbce3b993e5d2ba90ab13bbe2607e531a424bebba9b6cadcd840efb9c62a5

Sharing

Copy URL

Twitter E-mail

General

Target

e0dbbce3b993e5d2ba90ab13bbe2607e531a424bebba9b6cadcd840efb9c62a5
Size

194KB
MD5

3488f48b13ce7dfb429dc985783ec432
SHA1

a9d2426102ab7264cdf22e0a22b453e979196919
SHA256

e0dbbce3b993e5d2ba90ab13bbe2607e531a424bebba9b6cadcd840efb9c62a5
SHA512

a58aa9be539c16e64dbd26db4fddc8f2411707a4c19ebc3c1e11619ff52e9310d3bea5cf01e0377e1c9ea3de2062f6b5612e8b61781ecc586c6dd7808dc9f41b
SSDEEP

3072:uAFrJ+2f9rAQj16WKkDxyndO62xLtc7AfOGC1K5RB2tHsT:uYd+AAQj0WKkDknwPLJmGCs5HqsT

Score

N/A

Malware Config

Signatures

Files

e0dbbce3b993e5d2ba90ab13bbe2607e531a424bebba9b6cadcd840efb9c62a5
.exe windows x86

1441c08806a19bf860be79526bbc9dbf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
GetStringTypeW
LCMapStringW
HeapReAlloc
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetSystemTime
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
WriteFile
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
LoadLibraryW
EnterCriticalSection
CloseHandle
LockResource
GetLastError
GlobalUnlock
MultiByteToWideChar
ReadFile
HeapCreate
CreateEventA
Sleep
GlobalAlloc
FormatMessageA
SetEvent
GlobalLock
HeapAlloc
LoadResource
lstrlenA
TlsGetValue
FindResourceA
CreateFileA
GetFileSize
GetEnvironmentStringsW
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapFree
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA
DecodePointer
ExitProcess
GetModuleHandleW
GetProcAddress

user32

PostMessageA
GetDlgItemTextA
GetSystemMetrics
DefWindowProcA
GetDlgItem
ReleaseDC
SetWindowTextA
DialogBoxParamA
SetActiveWindow
GetWindowDC
ChildWindowFromPointEx
LoadIconA
FindWindowW
SetFocus
GetWindowTextLengthA
SendMessageA
GetDC
SetSysColors
MessageBoxA

gdi32

GetDeviceCaps
CreatePalette
CreateBitmap
DeleteObject
SelectObject
CreateCompatibleDC
RealizePalette
StretchDIBits
SelectPalette
SetStretchBltMode
EnumFontFamiliesA
GetSystemPaletteEntries
GetPixel
SetSystemPaletteUse

advapi32

CryptEncrypt
CryptGenKey
CryptAcquireContextA

shell32

SHParseDisplayName
SHGetMalloc

ole32

OleGetClipboard
CoInitialize
OleUninitialize
OleInitialize
CreateBindCtx
CoUninitialize

shlwapi

PathFileExistsA

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1441c08806a19bf860be79526bbc9dbf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 29KB - Virtual size: 29KB

.rdata Size: 22KB - Virtual size: 21KB

.data Size: 69KB - Virtual size: 72KB

.rsrc Size: 59KB - Virtual size: 58KB

.text
Size: 29KB - Virtual size: 29KB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 69KB - Virtual size: 72KB

.rsrc
Size: 59KB - Virtual size: 58KB