ae0547d79e0833e3e75f91527d845aa00fa0c17fe73139e8f3b0c7b3cb1b659d

Sharing

Copy URL Twitter E-mail

General

Target

ae0547d79e0833e3e75f91527d845aa00fa0c17fe73139e8f3b0c7b3cb1b659d
Size

785KB
MD5

2ba52a9f284cecee59f76874cbceece0
SHA1

5c0e4ac64d0b55c7cbc3defa609c1e32acb4af21
SHA256

ae0547d79e0833e3e75f91527d845aa00fa0c17fe73139e8f3b0c7b3cb1b659d
SHA512

9d2643b1524f9e9ed8ffbd3f4c8e63b35a796a66ff94510b10c9ae299e73e1dfe4fd3cefc9d44503ecc6a39b3c194cf44ecbb3b1125d8cf7334ca7e272bcb0e2
SSDEEP

12288:PNJBSwiDrboL/W3Qz+rzdOZsSLJcsZK33PzZF3Q+A:PNS/8nqXdoPVxQPru

Score

N/A

Malware Config

Signatures

Files

ae0547d79e0833e3e75f91527d845aa00fa0c17fe73139e8f3b0c7b3cb1b659d
.exe windows x86

7feb5595e868db6f5dbb973cffd606c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameA
AddAtomA
GetMailslotInfo
GetConsoleAliasesW
GetFileType
SetProcessAffinityMask
PostQueuedCompletionStatus
AllocConsole
GetTimeFormatA
AllocateUserPhysicalPages
OpenSemaphoreW
EnumCalendarInfoExW
GetACP
GetConsoleScreenBufferInfo
CreateHardLinkW
GetStringTypeExA
FlushInstructionCache
AddAtomW
GetProcessIoCounters
GetPrivateProfileIntW
CreateMutexW
SetEnvironmentVariableA
CreateNamedPipeA
CreateMailslotW
OpenFileMappingW
FindAtomW
GetProcAddress
SetTapePosition
GetConsoleAliasExesLengthA
CreateDirectoryA
GetModuleHandleA
FindResourceExW
GetVolumeInformationA
Toolhelp32ReadProcessMemory
GetWindowsDirectoryW
ReplaceFileA
MapViewOfFileEx
ReplaceFileW
CreateFileMappingW
ProcessIdToSessionId
GetCurrentDirectoryA
GetConsoleAliasExesLengthW
IsValidCodePage
Module32Next
GetConsoleAliasA
CreateTapePartition
GetSystemWindowsDirectoryA
GetFileAttributesExA
CreateEventW
PrepareTape
SetConsoleCtrlHandler
SetSystemTimeAdjustment
GetDevicePowerState
GetAtomNameA
ChangeTimerQueueTimer
LCMapStringA
SetWaitableTimer
GetProcessAffinityMask
GetCurrentProcess
CancelIo
GetCPInfo
VirtualAlloc
CreateFileMappingA
GetThreadPriority
SetThreadAffinityMask
GetCPInfoExW
DeleteVolumeMountPointA
FlushViewOfFile
DefineDosDeviceW
DuplicateHandle
GetNumberFormatW
GetThreadContext
SetCalendarInfoA
GetStdHandle
GetPrivateProfileSectionW
OpenEventW
GetSystemDefaultLCID
FormatMessageA
WideCharToMultiByte
FindVolumeClose
GetShortPathNameW

user32

AdjustWindowRectEx
AdjustWindowRect
AllowSetForegroundWindow
AnyPopup
IsCharAlphaA
ActivateKeyboardLayout

comctl32

CreatePropertySheetPageA
ord6

advapi32

AccessCheckAndAuditAlarmA
AccessCheck
AccessCheckByType
AbortSystemShutdownA

shell32

DragFinish
DragAcceptFiles
DoEnvironmentSubstW
DragQueryFileA

oleaut32

BSTR_UserFree
BSTR_UserMarshal
BstrFromVector
ClearCustData

Sections

.text
Size: 739KB - Virtual size: 738KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 359KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7feb5595e868db6f5dbb973cffd606c5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

shell32

oleaut32

Sections

.text Size: 739KB - Virtual size: 738KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 359KB

.rsrc Size: 41KB - Virtual size: 41KB

.text
Size: 739KB - Virtual size: 738KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 359KB

.rsrc
Size: 41KB - Virtual size: 41KB