80eb8ce64b5a7f0ad6de549c2b13488a2fe0a646fd9867b46c1a008a101f2b20

Sharing

Copy URL Twitter E-mail

General

Target

80eb8ce64b5a7f0ad6de549c2b13488a2fe0a646fd9867b46c1a008a101f2b20
Size

28KB
MD5

91f1c4648a321346014f276b31966ffb
SHA1

9c8c24556f62cbfa498686c623fff1f33849656d
SHA256

80eb8ce64b5a7f0ad6de549c2b13488a2fe0a646fd9867b46c1a008a101f2b20
SHA512

7594a8ab7329b8ead623b349d83f8dcffe5b6b7148832629bc2658f07e03386aac0172aa1cb0b008b121da26d1602a29675420664ebbf151f263d6c87bbf0cda
SSDEEP

384:lvEuszTkE5fsTQl7/LH3qRlQiAEmDcuUB+obFI8ytRvG:R2gSfs+/zaoVEmD/y+So7v

Score

N/A

Malware Config

Signatures

Files

80eb8ce64b5a7f0ad6de549c2b13488a2fe0a646fd9867b46c1a008a101f2b20
.exe windows x86

abe419df550107c081fafd8ffe205844

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UpdateResourceA
CloseHandle
GetStringTypeA
GetLongPathNameA
lstrcpynA
GetProcessId
GetComputerNameA
SetEnvironmentVariableW
GetEnvironmentVariableA
GetCurrentProcess
GetProcAddress
WaitForSingleObject
GetBinaryTypeA
GetTimeFormatA
GetConsoleAliasW
HeapValidate
GetPrivateProfileStructW
GetGeoInfoA
LoadLibraryA
ReadConsoleA

msimg32

DllInitialize
GradientFill
AlphaBlend
TransparentBlt

wtsapi32

WTSOpenServerW
WTSVirtualChannelClose
WTSVirtualChannelPurgeInput
WTSLogoffSession
WTSSetUserConfigW
WTSUnRegisterSessionNotification
WTSEnumerateProcessesA
WTSSendMessageA
WTSFreeMemory
WTSRegisterSessionNotification
WTSQueryUserToken
WTSVirtualChannelRead
WTSVirtualChannelWrite
WTSQuerySessionInformationA

shlwapi

UrlCreateFromPathA
UrlCanonicalizeA
UrlIsNoHistoryW
UrlGetLocationA
UrlIsA
UrlUnescapeA
UrlIsOpaqueA
UrlCombineA
UrlHashA
UrlEscapeA
UrlCompareA
PathCompactPathA

nddeapi

NDdeShareAddA
NDdeShareEnumA
NDdeShareSetInfoA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 661B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

abe419df550107c081fafd8ffe205844

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msimg32

wtsapi32

shlwapi

nddeapi

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 661B

.rsrc Size: 13KB - Virtual size: 13KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 661B

.rsrc
Size: 13KB - Virtual size: 13KB

.reloc
Size: 2KB - Virtual size: 2KB