e641c598894fa15e9be2139aec3ff522bd648a5e006aa07f9c24779c225055c6

Sharing

Copy URL Twitter E-mail

General

Target

e641c598894fa15e9be2139aec3ff522bd648a5e006aa07f9c24779c225055c6
Size

1.3MB
MD5

2c6fcecbad51235c703d9450c677b5a9
SHA1

3979d0e00eedf9879d3913720d1d9226e532f766
SHA256

e641c598894fa15e9be2139aec3ff522bd648a5e006aa07f9c24779c225055c6
SHA512

69c63adbc8dc30aa16b414e71d048fac1972764e8c3b64e432e5451d5cbd364577c60b6c61aebac2d5eca324c0b894f71047e16b595103abb1d8fa10e0260168
SSDEEP

24576:wXFFm1dqHcb2ysDLFEJi2fNvrzqDtuK28GDWDLdUgYFdKTKG199jF:wXFSkDmJi2RCtV4WNT+GjlF

Score

N/A

Malware Config

Signatures

Files

e641c598894fa15e9be2139aec3ff522bd648a5e006aa07f9c24779c225055c6
.exe windows x86

ea3fa03022e2cfddd944610587734676

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
InterlockedExchange
DeleteCriticalSection
IsValidLocale
InterlockedIncrement
LeaveCriticalSection
EnumSystemLocalesA
RtlUnwind
LoadLibraryA
CompareStringA
GetUserDefaultLCID
WriteConsoleW
GetStringTypeW
GetCurrentProcessId
GetProcAddress
SetStdHandle
GetTimeZoneInformation
GetLocaleInfoA
WriteFile
HeapSize
SetFilePointer
InterlockedDecrement
CloseHandle
OpenMutexA
EnterCriticalSection
SetLastError
GetModuleFileNameA
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
InitializeCriticalSection
GetConsoleOutputCP
GetACP
GetVersionExA
FlushFileBuffers
HeapAlloc
TlsSetValue
GetVolumeInformationW
TerminateProcess
GetLocaleInfoW
GetConsoleCP
GetStdHandle
HeapFree
GetDateFormatA
VirtualQuery
GetModuleHandleA
GetLastError
GetTickCount
SetConsoleCtrlHandler
ReadConsoleInputW
GetTimeFormatA
TlsAlloc
CreateFileA
VirtualFree
GetStringTypeA
GetCommandLineA
GetConsoleMode
GetCurrentThread
HeapDestroy
FreeEnvironmentStringsW
LCMapStringA
GetFileType
UnhandledExceptionFilter
GetOEMCP
GetCurrentProcess
QueryPerformanceCounter
LCMapStringW
WideCharToMultiByte
IsValidCodePage
WriteConsoleA
ExitProcess
ReadFile
GetProcessHeap
SetHandleCount
HeapCreate
GetCurrentThreadId
IsDebuggerPresent
VirtualAlloc
GetEnvironmentStringsW
TlsGetValue
GetEnvironmentStrings
MultiByteToWideChar
SetEnvironmentVariableA
GetStartupInfoA
CreateMutexA
TlsFree
FreeLibrary
Sleep
GetCPInfo
CompareStringW
HeapReAlloc

comctl32

ImageList_Create
_TrackMouseEvent
CreatePropertySheetPage
ImageList_SetIconSize
ImageList_SetImageCount
ImageList_Merge
ImageList_EndDrag
InitCommonControlsEx
ImageList_Duplicate
CreatePropertySheetPageA
InitMUILanguage
CreateUpDownControl
ImageList_ReplaceIcon
ImageList_AddMasked
DrawStatusText
ImageList_LoadImageA
CreateStatusWindowW
ImageList_Draw
ImageList_SetOverlayImage
ImageList_SetFlags
ImageList_DragMove
ImageList_GetImageCount
DrawStatusTextW

user32

ShowWindow
RegisterClassA
RegisterClassExA
EnumChildWindows
DialogBoxIndirectParamA
AnimateWindow
GetWindowWord
EndDialog
DialogBoxParamA
CharToOemBuffA
SetRectEmpty
GetDCEx
ShowWindowAsync
DdePostAdvise
VkKeyScanA
DrawFocusRect

Sections

.text
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 253KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 825KB - Virtual size: 824KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea3fa03022e2cfddd944610587734676

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 147KB - Virtual size: 147KB

.rdata Size: 253KB - Virtual size: 283KB

.data Size: 825KB - Virtual size: 824KB

.rsrc Size: 60KB - Virtual size: 60KB

.text
Size: 147KB - Virtual size: 147KB

.rdata
Size: 253KB - Virtual size: 283KB

.data
Size: 825KB - Virtual size: 824KB

.rsrc
Size: 60KB - Virtual size: 60KB