2e0e8566045e71903ff59af10f4341671a6cd61de5e7a8e6c363c379bc1c4cca

Sharing

Copy URL Twitter E-mail

General

Target

2e0e8566045e71903ff59af10f4341671a6cd61de5e7a8e6c363c379bc1c4cca
Size

286KB
MD5

202ad25d13460a459841ccdb3a2ebe20
SHA1

2f568a37b40a678387a52dfa23066cd88b5e4c93
SHA256

2e0e8566045e71903ff59af10f4341671a6cd61de5e7a8e6c363c379bc1c4cca
SHA512

b54f47f7f9575ce95d635cb653e9e4cdaeff40223fb541511c160bb3a544a2d2938354e918babe4f32176b41fea2998f1b6941a3459f29a53796800ac47b453b
SSDEEP

6144:4h5NstXLpwW4kgX741RaccMWlUKMNSEQ4kflycnH:4jNstbptguscPKGzQ4s1

Score

N/A

Malware Config

Signatures

Files

2e0e8566045e71903ff59af10f4341671a6cd61de5e7a8e6c363c379bc1c4cca
.exe windows x86

4e64c9d06cc5deca782326cecf1fa287

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

MultiByteToWideChar
WriteConsoleW
SetStdHandle
HeapSize
RtlUnwind
LoadLibraryW
Sleep
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
RaiseException
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
LCMapStringW
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
SetCurrentDirectoryA
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
GetFileType
GetLastError
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameW
WriteFile
ExitProcess
GetModuleHandleW
GetProcAddress
EncodePointer
GetStringTypeW
HeapReAlloc
IsProcessorFeaturePresent
FlushFileBuffers
CreateFileW
CloseHandle
lstrcpyA
GetCurrentDirectoryA
GetModuleHandleA
LockResource
GetPrivateProfileStringA
GlobalFree
FindResourceA
GlobalUnlock
lstrlenW
SetConsoleCursorPosition
HeapCreate
SizeofResource
ReadConsoleInputA
WideCharToMultiByte
GlobalAlloc
FindResourceExA
DecodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
HeapSetInformation
FlushConsoleInputBuffer
WaitForSingleObject
GlobalLock
GetCommandLineA
HeapFree
InitializeCriticalSectionAndSpinCount
GetStdHandle
HeapAlloc
LoadResource
lstrlenA
FreeResource
TlsFree

user32

GetDialogBaseUnits
CheckMenuItem
MoveWindow
EndPaint
DestroyWindow
SetCursor
CloseClipboard
SetTimer
GetWindowRect
CreateDialogParamA
PostQuitMessage
SendDlgItemMessageA
FillRect
GetMenuItemID
KillTimer
DrawTextA
GetSubMenu
DrawIconEx
CopyImage
LoadBitmapA
GetParent
LoadIconA
MenuItemFromPoint
GetClientRect
GetMenu
SendMessageA
BeginPaint
GetDC
InflateRect
GetWindowTextLengthA
OffsetRect
GetWindowTextA
MessageBoxA
InvalidateRect
GetWindowLongA
GetClipboardData
CreateWindowExA
SetScrollPos
ReleaseDC
EmptyClipboard
GetDlgItem
EndDialog
DefWindowProcA
GetSysColor
GetMenuItemInfoA
ShowWindow
GetSysColorBrush
FrameRect
IsWindow
OpenClipboard
MessageBoxW
GetSystemMetrics
SetWindowTextA
LoadImageA
SendMessageW
SetClipboardData
LoadCursorA
DialogBoxParamA

gdi32

PatBlt
SetTextColor
CreateHatchBrush
DeleteDC
GetDeviceCaps
SetBkColor
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
Rectangle
Ellipse
GetObjectA
GetStockObject
CreateSolidBrush
BitBlt

comdlg32

GetOpenFileNameA

advapi32

CloseServiceHandle
RegQueryValueExA
RegCreateKeyA
QueryServiceStatus
ControlService
RegCloseKey
OpenServiceA

shell32

ExtractIconExA
SHGetMalloc
SHGetFolderPathW

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

version

GetFileVersionInfoW

shlwapi

StrChrA
SHCreateStreamOnFileA

comctl32

ord17
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Create

secur32

QuerySecurityPackageInfoA

dsound

ord1

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e64c9d06cc5deca782326cecf1fa287

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

avicap32

version

shlwapi

comctl32

secur32

dsound

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 158KB - Virtual size: 158KB

.data Size: 5KB - Virtual size: 13KB

.rsrc Size: 70KB - Virtual size: 70KB

.reloc Size: 6KB - Virtual size: 98KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 158KB - Virtual size: 158KB

.data
Size: 5KB - Virtual size: 13KB

.rsrc
Size: 70KB - Virtual size: 70KB

.reloc
Size: 6KB - Virtual size: 98KB