eece5634f533c0552524156b941ff3efc227b938d740517875de4a6cf372b9b3

Sharing

Copy URL

Twitter E-mail

General

Target

eece5634f533c0552524156b941ff3efc227b938d740517875de4a6cf372b9b3
Size

156KB
MD5

ff9bfccf824dc72fe7b494f780d393a5
SHA1

8a25cafc0657f57c4bfafd6f63cf68a1449721c9
SHA256

eece5634f533c0552524156b941ff3efc227b938d740517875de4a6cf372b9b3
SHA512

eda7c64429a15e92cc8cda4808453c9542277a7e0f82a62bc355c108c82b05a293cefee828b916fcb6854684a216834a20fe0c2b4091aa12f8860b810af6bc1e
SSDEEP

3072:N46Wg5XuwIFjVgW4XMI0KnS+6nPh4eH1OS5:NqxYWMiXPmY

Score

N/A

Malware Config

Signatures

Files

eece5634f533c0552524156b941ff3efc227b938d740517875de4a6cf372b9b3
.exe windows x86

cf3e4cd5130913c158d7394868d71aa7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegConnectRegistryW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegFlushKey
RegLoadKeyW
RegQueryInfoKeyW
RegReplaceKeyW
RegRestoreKeyW
RegSaveKeyW
RegSetValueExW
RegUnLoadKeyW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

CreateFileA
VirtualAlloc
CloseHandle
CreateThread
GetCurrentThreadId
CreateProcessA
GetModuleHandleA
ConnectNamedPipe
SetMessageWaitingIndicator
LockFileEx
IsBadReadPtr
GetHandleInformation
GetStdHandle
WriteFile
FindClose
FindFirstFileW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SwitchToThread
ExitThread
ExitProcess
RaiseException
RtlUnwind
UnhandledExceptionFilter
GetLastError
FreeLibrary
GetCommandLineW
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GetStartupInfoW
LoadLibraryExW
GetACP
MultiByteToWideChar
WideCharToMultiByte
GetLocaleInfoW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
SetThreadLocale
IsValidLocale
CompareStringW
GetVersion
GetSystemInfo
GetTickCount
QueryPerformanceCounter
VirtualQuery
lstrlenW
VirtualFree
Sleep
LocalAlloc
LocalFree
TlsGetValue
TlsSetValue
LoadLibraryA
BeginUpdateResourceW
CreateDirectoryW
CreateEventW
CreateFileW
HeapReAlloc
HeapAlloc
GetCommandLineA
GetStartupInfoA
HeapCreate
HeapFree
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsAlloc
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf3e4cd5130913c158d7394868d71aa7

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

version

kernel32

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 5KB - Virtual size: 68KB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 5KB - Virtual size: 68KB

.rsrc
Size: 48KB - Virtual size: 47KB