0e92e13f3c23d33ec14825f9e21093e1bef08716a6b49bd82869c1fbadc5bc5f

Sharing

Copy URL Twitter E-mail

General

Target

0e92e13f3c23d33ec14825f9e21093e1bef08716a6b49bd82869c1fbadc5bc5f
Size

1.6MB
MD5

a56933134ad776a1de5e1260632303ea
SHA1

05695fea83b184cf1aafa75cbd7df654c22f0fcd
SHA256

0e92e13f3c23d33ec14825f9e21093e1bef08716a6b49bd82869c1fbadc5bc5f
SHA512

0b366b7d4b8028b0933c087157a321cfdee2058554d405f843cea809aab253d74fadc3f3bc01795a750720ecf604580be60beac01eece891c1d83bf03902a39d
SSDEEP

49152:GF+9uZscP/Mk4VY7/1IiPJMU/Srukfjz9AEvjG0JDMf6:YpFP/F4+CkJV/SPz9Ri0ef

Score

N/A

Malware Config

Signatures

Files

0e92e13f3c23d33ec14825f9e21093e1bef08716a6b49bd82869c1fbadc5bc5f
.exe windows x86

5d629ffb3ffe1e8a31692442ca9b2f86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameA
GetLongPathNameA
GetNumberFormatW
GetProcessId
GetDateFormatA
GetVersionExA
GetShortPathNameA
GetStringTypeA
UpdateResourceA
SetFilePointer
GetEnvironmentVariableW
HeapValidate
lstrcpynA
LoadLibraryA
FindResourceA
TlsGetValue
CloseHandle
ReadFile
DeviceIoControl
GetCurrentProcess
GetConsoleAliasW
CreateDirectoryA
SetEnvironmentVariableW
GetProcAddress
lstrcmpA
WriteConsoleA
WaitForSingleObject
lstrcmpA
QueryDosDeviceW
ReadConsoleA
GetFullPathNameW
FormatMessageA
SetCurrentDirectoryA
GetCurrentDirectoryA

comsvcs

SafeRef
CoLoadServices

shlwapi

UrlIsOpaqueA
UrlEscapeA
UrlUnescapeA
UrlCombineA
PathCompactPathA
UrlGetLocationA
PathCombineA
PathCommonPrefixA
UrlCompareA
UrlCreateFromPathA
UrlGetPartA
UrlHashA
UrlIsNoHistoryW

user32

FindWindowExA
GetMessageA
MessageBoxA
DispatchMessageA
GetPropA
FindWindowExA
PostMessageA
DrawIcon
FindWindowExA
GetWindowLongA
GetWindowTextA
CreateWindowExA
LoadImageA
GetCaretPos
LoadCursorA
IsDialogMessageA
GetWindow
SetCursorPos
CharToOemA
IsZoomed

onex

OneXFreeMemory
OneXAddTLV

advapi32

CreateServiceA
IsValidAcl
OpenServiceA
RegOpenKeyExA
ControlService
ClearEventLogA
IsTextUnicode
RegFlushKey
RegSaveKeyA
RegCloseKey
CreateProcessAsUserA
RegEnumKeyA
IsValidSecurityDescriptor
RegDeleteKeyA

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d629ffb3ffe1e8a31692442ca9b2f86

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comsvcs

shlwapi

user32

onex

advapi32

Sections

.text Size: 88KB - Virtual size: 88KB

.data Size: 1.5MB - Virtual size: 1.5MB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 88KB - Virtual size: 88KB

.data
Size: 1.5MB - Virtual size: 1.5MB

.rsrc
Size: 24KB - Virtual size: 24KB