e58d86cd4e735d69fd92e64bda1bfcdfea0faedfb0b6ee89dd30cf6bbdda218d

Sharing

Copy URL Twitter E-mail

General

Target

e58d86cd4e735d69fd92e64bda1bfcdfea0faedfb0b6ee89dd30cf6bbdda218d
Size

536KB
MD5

7be332d5c034ad830be3ea68217deb75
SHA1

9a5aa918d64c7f01864b38845121e577b6a4c0ad
SHA256

e58d86cd4e735d69fd92e64bda1bfcdfea0faedfb0b6ee89dd30cf6bbdda218d
SHA512

e6b2cbbf051d844186a4c0bf59bc44e77b8a978c401d15210d70bbe54428e5ca63ea06ac7ea9bd63412919d9ddfc860397a02e4c487d1292671d4107e5f0b8c1
SSDEEP

12288:xdq1s6NehpuovpvfzByEuyokcgXUchoXjUWQNSm/Om6mS5:7q1feHjRByxyEgXFoXjlM/O

Score

N/A

Malware Config

Signatures

Files

e58d86cd4e735d69fd92e64bda1bfcdfea0faedfb0b6ee89dd30cf6bbdda218d
.exe windows x86

f6ea05bdfb5d7d20c21ae2be4a2c4fd7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetRect
WindowFromPoint
DdeAccessData
SetMenu
GetTabbedTextExtentA
RegisterClassA
FillRect
DdeConnectList
AppendMenuA
VkKeyScanExW
DdeQueryNextServer
CreateAcceleratorTableA
RegisterClassExA

kernel32

TlsSetValue
GetCurrentThread
EnumSystemLocalesA
GetConsoleCP
GetCurrentProcess
TlsFree
TerminateProcess
IsValidLocale
InitializeCriticalSection
HeapSize
GetTickCount
SetUnhandledExceptionFilter
WriteFile
GetCommandLineA
WideCharToMultiByte
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetLocaleInfoA
FreeEnvironmentStringsA
SetLastError
GetModuleFileNameA
ReadFile
GetModuleHandleA
ExpandEnvironmentStringsA
GetTimeFormatA
HeapDestroy
VirtualAlloc
GetConsoleOutputCP
HeapAlloc
Sleep
IsDebuggerPresent
HeapReAlloc
OpenMutexA
SetHandleCount
GetStringTypeA
GetProcAddress
CompareStringW
GetCurrentProcessId
GetVersionExA
CompareStringA
CreateMutexA
SetFilePointer
CreateFileA
MultiByteToWideChar
LCMapStringW
ExitProcess
UnhandledExceptionFilter
GetDateFormatA
GetStartupInfoA
IsValidCodePage
GetCPInfo
GetStdHandle
GetUserDefaultLCID
GetFileType
LeaveCriticalSection
LoadLibraryA
SetEnvironmentVariableA
InterlockedDecrement
RtlUnwind
LCMapStringA
GetLastError
HeapFree
FlushFileBuffers
CloseHandle
HeapCreate
VirtualQuery
SetConsoleCtrlHandler
TlsAlloc
WriteConsoleA
OpenWaitableTimerW
GetProcessHeap
InterlockedIncrement
GetACP
CreateWaitableTimerA
DeleteCriticalSection
SetPriorityClass
GetEnvironmentStrings
GetCurrentThreadId
GlobalFree
DebugActiveProcess
FreeLibrary
EnterCriticalSection
SetStdHandle
EnumResourceNamesA
GetConsoleMode
VirtualFree
FreeEnvironmentStringsW
GetLocaleInfoW
InterlockedExchange
GetStringTypeW
WriteConsoleW
GetOEMCP
GetEnvironmentStringsW
QueryPerformanceCounter
TlsGetValue

comctl32

ImageList_DrawIndirect
CreatePropertySheetPageW
DestroyPropertySheetPage
InitCommonControlsEx
ImageList_Replace
ImageList_Destroy
ImageList_SetDragCursorImage
ImageList_SetOverlayImage
ImageList_DragMove
CreateStatusWindowW
_TrackMouseEvent

wininet

FtpDeleteFileA
InternetDialW
FtpPutFileW
InternetConnectA
UnlockUrlCacheEntryStream
FtpGetFileSize
HttpQueryInfoW

Sections

.text
Size: 308KB - Virtual size: 308KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f6ea05bdfb5d7d20c21ae2be4a2c4fd7

Headers

File Characteristics

Imports

user32

kernel32

comctl32

wininet

Sections

.text Size: 308KB - Virtual size: 308KB

.rdata Size: 74KB - Virtual size: 99KB

.data Size: 106KB - Virtual size: 105KB

.rsrc Size: 47KB - Virtual size: 46KB

.text
Size: 308KB - Virtual size: 308KB

.rdata
Size: 74KB - Virtual size: 99KB

.data
Size: 106KB - Virtual size: 105KB

.rsrc
Size: 47KB - Virtual size: 46KB