052e5840d29f3d6c968074b57b7036302d3bdc0f3fc23b4e8933732e0fc9bf29

Sharing

Copy URL Twitter E-mail

General

Target

052e5840d29f3d6c968074b57b7036302d3bdc0f3fc23b4e8933732e0fc9bf29
Size

127KB
MD5

894e4a647d758110ae695d25c6a69712
SHA1

69b77e431b41090c30912e32b7aed5bc0c862196
SHA256

052e5840d29f3d6c968074b57b7036302d3bdc0f3fc23b4e8933732e0fc9bf29
SHA512

4e810bb443b599200e8fde47c311cb332150bacb2bf010c77d43ac45e72320a08b8ca727aa703e3ca6c2853420737b9347f4bc793291db3d8c28d76484080f0e
SSDEEP

3072:CBVjsOqYs6nDycZ6DyYpZgR/MuDYLVzR+D7cU:vOq/1W/QX+fcU

Score

N/A

Malware Config

Signatures

Files

052e5840d29f3d6c968074b57b7036302d3bdc0f3fc23b4e8933732e0fc9bf29
.exe windows x86

eb145d2faa0670d319e5885ab579a1a4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
SHFileOperationW
ShellExecuteW

ole32

PropVariantClear
DoDragDrop
CoCreateInstance
OleUninitialize
CoTaskMemFree
OleInitialize
ReleaseStgMedium

advapi32

RegCloseKey
RegQueryValueExW
RegSetValueExW
RegEnumKeyW
RegOpenKeyExW
RegEnumValueW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW

comctl32

ImageList_Destroy
ImageList_Create
ImageList_AddMasked

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

GetLocaleInfoA
HeapSize
CloseHandle
CreateFileA
TerminateProcess
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GlobalUnWire
SetSystemTimeAdjustment
TlsGetValue
ClearCommError
RemoveVectoredExceptionHandler
GetProcessVersion
GetProcessHeap
GetTapeParameters
GetProcessIoCounters
GetCurrentThread
GetPriorityClass
CreateFileMappingW
GetProcessId
GetCurrentProcess
GetProcessPriorityBoost
GetCommTimeouts
FindFirstFileExW
GetLogicalDrives
GetThreadPriority
FlushViewOfFile
SetMessageWaitingIndicator
RequestDeviceWakeup
AssignProcessToJobObject
EncodeSystemPointer
GetNamedPipeHandleStateA
GlobalDeleteAtom
LockResource
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
GetStartupInfoA
GetLastError
WideCharToMultiByte
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
HeapFree
GetModuleHandleW
GetProcAddress
ExitProcess
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
RtlUnwind
HeapAlloc
HeapReAlloc
VirtualAlloc
LoadLibraryA
FlushFileBuffers
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 5.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb145d2faa0670d319e5885ab579a1a4

Headers

DLL Characteristics

File Characteristics

Imports

shell32

ole32

advapi32

comctl32

version

kernel32

Sections

.text Size: 32KB - Virtual size: 32KB

.code Size: 4KB - Virtual size: 3KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 17KB - Virtual size: 5.5MB

.rsrc Size: 64KB - Virtual size: 63KB

.text
Size: 32KB - Virtual size: 32KB

.code
Size: 4KB - Virtual size: 3KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 17KB - Virtual size: 5.5MB

.rsrc
Size: 64KB - Virtual size: 63KB