ee23137309cd8479f9dfad9622ca65cc3463075c28ecaa4654a9de71ba1bfa2c

Sharing

Copy URL

Twitter E-mail

General

Target

ee23137309cd8479f9dfad9622ca65cc3463075c28ecaa4654a9de71ba1bfa2c
Size

1.1MB
MD5

6bc1c8845a7f14336f9025a93037b195
SHA1

ce7301dba40de769df40479d54858c35f02d4e7b
SHA256

ee23137309cd8479f9dfad9622ca65cc3463075c28ecaa4654a9de71ba1bfa2c
SHA512

e2f17d1bc178279381694d3e4c8d5f485ba2f22c98ead7a08cf01e8fafae07d9878d9d043e1c8d75385d02e11670eac84ad1b0e8ea284bea8536c4566143821c
SSDEEP

12288:Ppl4fiqmtjmz07aTU/cdYjj+vNlGy19HE2RSht1MncPi4MX5B9R2C4oqfMiV2Mki:Ps6qmFKUkdYjj+v1U1DW5jR2C4oi2mH

Score

N/A

Malware Config

Signatures

Files

ee23137309cd8479f9dfad9622ca65cc3463075c28ecaa4654a9de71ba1bfa2c
.exe windows x86

213ab932153f8b9f7deab59e6c3c92a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetExitCodeThread
FindFirstVolumeA
GetConsoleAliasExesLengthA
GetFileAttributesExW
GetThreadTimes
SetConsoleDisplayMode
GetProcessPriorityBoost
GetTimeFormatA
CreateDirectoryA
GetTempPathW
GetSystemDirectoryW
GetConsoleOutputCP
GetConsoleAliasExesLengthW
AreFileApisANSI
CopyFileExW
GetAtomNameW
DeleteAtom
FormatMessageA
GetModuleFileNameA
GetDateFormatA
SearchPathW
SetEvent
GetProcessIoCounters
SystemTimeToFileTime
DeleteTimerQueueEx
FindNextChangeNotification
SetTapeParameters
GetProfileIntA
GetStringTypeW
SetFileAttributesA
AssignProcessToJobObject
GetConsoleAliasesW
GetSystemWindowsDirectoryW
GetACP
CreateWaitableTimerW
EnumCalendarInfoA
GetUserDefaultUILanguage
FindNextFileW
GetThreadContext
LCMapStringA
SetCurrentDirectoryW
ReleaseMutex
GetCompressedFileSizeA
IsBadWritePtr
SetHandleInformation
SetUnhandledExceptionFilter
LoadLibraryExA
OpenSemaphoreA
GetCurrentDirectoryA
GetFileAttributesW
SetConsoleOutputCP
GetLongPathNameA
FindFirstFileExA
GetCalendarInfoW
SetThreadExecutionState
GetVolumePathNameW
ProcessIdToSessionId
FreeEnvironmentStringsW
GetStringTypeExA
GetMailslotInfo
GetProfileStringA
GetNumberFormatW
GetLogicalDrives
HeapSetInformation
SetProcessWorkingSetSize
EnumCalendarInfoW
SetComputerNameExW
SearchPathA
GetPrivateProfileStringW
EraseTape
DeleteFileA
GetConsoleAliasExesA
SetInformationJobObject
MapUserPhysicalPages
GetPriorityClass
GetEnvironmentStrings
DefineDosDeviceW
ConvertDefaultLocale
ContinueDebugEvent
SetWaitableTimer
ReadProcessMemory
DnsHostnameToComputerNameW
FindFirstFileA
GetConsoleWindow
CreateMutexA
OpenFileMappingW
MoveFileWithProgressA
GetDiskFreeSpaceA
GetFileTime
CreateSemaphoreA
DeviceIoControl
CreateHardLinkA
CancelWaitableTimer
GetTempPathA
CancelIo
GetConsoleAliasA
CreateToolhelp32Snapshot
GetLongPathNameW
HeapSize
SetPriorityClass
GetCurrentThread
GetNamedPipeHandleStateA
SetStdHandle
GetStdHandle
SwitchToThread
GetConsoleCursorInfo
ExpandEnvironmentStringsW
FindFirstFileW
GetConsoleMode
CreateSemaphoreW
PrepareTape
SetConsoleMode
GetWindowsDirectoryW
GetPrivateProfileStringA
DosDateTimeToFileTime
SetEndOfFile
GetDiskFreeSpaceW
IsBadCodePtr
GetThreadLocale
GetUserDefaultLangID
SetSystemPowerState
GetCalendarInfoA
GetShortPathNameA
ReleaseSemaphore
GetDriveTypeW
GetSystemDefaultLangID
SetThreadLocale
GetProfileSectionW
lstrcpynA
GetPrivateProfileSectionA
QueryInformationJobObject
CreateHardLinkW
CreateWaitableTimerA
FreeUserPhysicalPages
GetCurrentProcess
DuplicateHandle
DeleteTimerQueue
ReadFile
VirtualAlloc
FlushConsoleInputBuffer
GetStringTypeA
CreateEventA
GetPrivateProfileSectionNamesA
GetLogicalDriveStringsW
CopyFileExA
GetCPInfo
SetEnvironmentVariableA
GetProcAddress
SetFileAttributesW
GetLocaleInfoW
GetModuleHandleW
GetThreadPriority
MapViewOfFile
GetUserDefaultLCID
CreateDirectoryW
OpenWaitableTimerW
GetPrivateProfileStructA
OpenWaitableTimerA
GetVolumePathNameA
GetVersion
GetProcessVersion
GetPrivateProfileIntA
GetDevicePowerState
MultiByteToWideChar
SetThreadAffinityMask
SetConsoleCtrlHandler
HeapReAlloc
HeapAlloc
ExpandEnvironmentStringsA
FileTimeToSystemTime
IsValidCodePage
GetDriveTypeA
TlsSetValue
FreeResource
LCMapStringW
GlobalMemoryStatus
GetNamedPipeInfo
GetDiskFreeSpaceExA
GetSystemDefaultUILanguage
SetFileTime
MapUserPhysicalPagesScatter
GetBinaryTypeA
CopyFileW
lstrcmpW
GetCurrentConsoleFont
GlobalDeleteAtom
PostQueuedCompletionStatus
CreateJobObjectA
FindFirstVolumeW
FlushInstructionCache
GetShortPathNameW
GetPrivateProfileIntW
CreateFileW
GetCurrencyFormatW
DefineDosDeviceA
SetThreadPriorityBoost
OpenMutexA
FindResourceA
GetModuleFileNameW
CreateFileMappingA
CreateNamedPipeW
SetThreadIdealProcessor
GetFullPathNameW
CreateDirectoryExA
SetThreadPriority
GetVolumeNameForVolumeMountPointA
GetFileType
GetConsoleAliasExesW
GetFileInformationByHandle
OpenMutexW
FoldStringA
ReplaceFileA
CreateNamedPipeA
RtlUnwind
GetOEMCP
Sleep
HeapFree
TerminateProcess
IsDebuggerPresent
UnhandledExceptionFilter
LoadLibraryW
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
InterlockedDecrement
GetLastError
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsGetValue
TlsAlloc
EncodePointer
DeleteCriticalSection
GetStartupInfoW
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetCommandLineA
ExitProcess
DecodePointer
WriteFile
WideCharToMultiByte
GetEnvironmentStringsW
IsProcessorFeaturePresent

user32

RedrawWindow

advapi32

CopySid
RegEnumValueA
DeregisterEventSource
OpenServiceW
CryptHashData
GetUserNameW
RegEnumKeyW
InitializeSecurityDescriptor
CryptReleaseContext
RegSetValueExA
SetNamedSecurityInfoW
ChangeServiceConfigW
RegSetValueExW
RegOpenKeyW
GetSecurityDescriptorLength
SetSecurityDescriptorDacl
RegFlushKey
EqualSid
RegOpenKeyExW
GetSidLengthRequired
RegCreateKeyExA
RegDeleteKeyA
RegQueryInfoKeyA
LsaQueryInformationPolicy
RegEnumValueW
LookupAccountNameW
ImpersonateLoggedOnUser
GetSidSubAuthority
IsValidSecurityDescriptor
RegSetValueW
IsValidSid
ReportEventW
SetThreadToken
SetSecurityDescriptorGroup
OpenServiceA
GetTokenInformation
SetSecurityDescriptorOwner
AdjustTokenPrivileges
GetSecurityDescriptorGroup
RegEnumKeyExW
OpenThreadToken
SetEntriesInAclW
OpenProcessToken
LsaOpenPolicy

shell32

SHBindToParent
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetDesktopFolder
SHGetFileInfoW
CommandLineToArgvW
SHChangeNotify
ShellExecuteW
SHGetMalloc
SHBrowseForFolderW
SHGetFolderPathW
SHGetSpecialFolderPathW
SHFileOperationW

oleaut32

SafeArrayPtrOfIndex
VariantChangeTypeEx
SafeArrayGetLBound
SysFreeString
SafeArrayCreate
VariantChangeType
SafeArrayGetUBound
VariantCopyInd
SysReAllocStringLen
VariantInit
SysAllocStringByteLen
GetActiveObject
VariantClear
SysStringLen
GetErrorInfo
SysAllocStringLen
VariantCopy

Sections

.text
Size: 755KB - Virtual size: 755KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 309KB - Virtual size: 660KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

213ab932153f8b9f7deab59e6c3c92a5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

oleaut32

Sections

.text Size: 755KB - Virtual size: 755KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 309KB - Virtual size: 660KB

.tls Size: 6KB - Virtual size: 5KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 755KB - Virtual size: 755KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 309KB - Virtual size: 660KB

.tls
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 5KB - Virtual size: 5KB