ec2cb7430e39642a91b0a994accf081896c025d416256782775549b36a722084

Sharing

Copy URL Twitter E-mail

General

Target

ec2cb7430e39642a91b0a994accf081896c025d416256782775549b36a722084
Size

457KB
MD5

452ef16574fe0eabcba121eb01651e02
SHA1

c15763e6a38733ead77264e32c55fba66b31a8b0
SHA256

ec2cb7430e39642a91b0a994accf081896c025d416256782775549b36a722084
SHA512

9023729069322fa1a5e5dd9fc19676f231d18d97f404f0b4a05e636b587faa65f4af9990447d674bd1daf782e4fa9ccc1e44787c1ee940612fd6d5e3b6a291bc
SSDEEP

6144:X9+736W+8DmsK/VfGaAsf7MKqbZjAqN3CeatPao:XM736W+8ysK/V+aOb+qN32

Score

N/A

Malware Config

Signatures

Files

ec2cb7430e39642a91b0a994accf081896c025d416256782775549b36a722084
.exe windows x86

5e35ee6deac7d317be8d0db6ddf8f706

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
FreeSid
EqualSid
GetTokenInformation
OpenProcessToken
AllocateAndInitializeSid

msi

ord179
ord150
ord78
ord113
ord8

kernel32

CompareStringA
SetEnvironmentVariableW
SetEnvironmentVariableA
CompareStringW
GetProcessHeap
GetVersionExA
lstrcmpW
lstrlenW
GetLastError
CloseHandle
GetCurrentProcess
FreeLibrary
GetProcAddress
LoadLibraryW
GetPrivateProfileSectionW
GetFileAttributesW
GetFullPathNameW
GetSystemDirectoryW
GetExitCodeProcess
CreateProcessW
lstrcmpiW
CreateMutexW
GetSystemInfo
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetModuleFileNameW
GetCommandLineW
FindClose
FindNextFileW
FindFirstFileW
GetSystemDefaultLangID
GetUserDefaultLangID
RtlUnwind
RaiseException
GetSystemTimeAsFileTime
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
HeapFree
DeleteFileW
GetCommandLineA
GetStartupInfoA
HeapAlloc
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCurrentThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
GetStdHandle
GetModuleFileNameA
WideCharToMultiByte
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
FlushFileBuffers
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
Sleep
ExitProcess
ReadFile
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
SetConsoleCtrlHandler
LoadLibraryA
GetLocaleInfoW
GetLocaleInfoA
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
InitializeCriticalSectionAndSpinCount
InterlockedExchange
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
CreateFileW
HeapSize
CreateFileA
SetEndOfFile

user32

TranslateMessage
LoadStringW
MessageBoxW
CharNextW
MsgWaitForMultipleObjects
PeekMessageW
DispatchMessageW

Sections

.text
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 254KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e35ee6deac7d317be8d0db6ddf8f706

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

msi

kernel32

user32

Sections

.text Size: 163KB - Virtual size: 162KB

.rdata Size: 26KB - Virtual size: 25KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 254KB - Virtual size: 254KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 163KB - Virtual size: 162KB

.rdata
Size: 26KB - Virtual size: 25KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 254KB - Virtual size: 254KB

.reloc
Size: 8KB - Virtual size: 7KB