e1808baee42107aeb5dfacc906ff38d844b47fa15d8fb661362df8a2e799c34f

Sharing

Copy URL Twitter E-mail

General

Target

e1808baee42107aeb5dfacc906ff38d844b47fa15d8fb661362df8a2e799c34f
Size

5.9MB
MD5

12f45bcabcaef79b38f954134943f8ae
SHA1

0e553a44246f6f3541f8c7e11085c80401982611
SHA256

e1808baee42107aeb5dfacc906ff38d844b47fa15d8fb661362df8a2e799c34f
SHA512

82756a041833bfb79cd0e71afc46f21accb32c98ac60afe3139360eacf43e50b57214442947c5f03c117df5b749152ab263845de3d1f1bac45c92e92445ae245
SSDEEP

98304:zpOvrZnZc5wknlbfWwBc/XXUwBzorwac3lBtra/W+nQPTPLdMz47mEgDedBNZk:zYzZnKnZWwy/XEwBzBbtGvncJCDsN+

Score

N/A

Malware Config

Signatures

Files

e1808baee42107aeb5dfacc906ff38d844b47fa15d8fb661362df8a2e799c34f
.exe windows x86

d70236a95b7605c7e92410ff5b420b65

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
HeapAlloc
LoadLibraryA
ResumeThread
CreateMutexA
CloseHandle
GetCurrentProcess
GetLastError
GetTickCount
FileTimeToLocalFileTime
GetProcAddress
ExitThread
SetLastError
GetModuleHandleA
GetVersionExA
FileTimeToSystemTime
GetModuleHandleExW
Sleep
LocalFileTimeToFileTime
VirtualProtect
CreateFileW
GetLocalTime
GetCurrentProcessId
WaitForSingleObjectEx
CreateFileA
HeapFree
DeleteCriticalSection
VirtualFree
InterlockedCompareExchange
VirtualAlloc
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
HeapReAlloc
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
FlushFileBuffers
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetModuleFileNameA
GetStartupInfoW
IsProcessorFeaturePresent
RtlUnwind
GetCommandLineA
InterlockedDecrement
ExitProcess
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
HeapSize
RaiseException
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
GetCurrentThreadId
WideCharToMultiByte
GetFileType
InitializeCriticalSectionAndSpinCount

advapi32

RegCloseKey
RegQueryValueW
RegOpenKeyA
RegEnumKeyW
RegEnumKeyExW
RegCreateKeyExW
RegQueryValueExA

user32

RedrawWindow
MsgWaitForMultipleObjects
LoadIconA
CreateWindowExW
EnumWindows
GetWindowTextA
FindWindowW
PostMessageA
SetForegroundWindow
DestroyWindow
TrackPopupMenu
SetWindowPos
SendMessageW
RegisterClassExW
GetSystemMetrics
DispatchMessageW
RegisterWindowMessageW
GetWindowRect
MessageBoxW
PostMessageW
UpdateWindow
RegisterWindowMessageA
SendMessageA
GetMessageW
PostQuitMessage
GetWindowTextW
GetDlgItem
DefWindowProcA
CloseDesktop

Sections

.text
Size: 444KB - Virtual size: 443KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5.1MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d70236a95b7605c7e92410ff5b420b65

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 444KB - Virtual size: 443KB

.rdata Size: 320KB - Virtual size: 320KB

.data Size: 5.1MB - Virtual size: 5.1MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 29KB - Virtual size: 28KB

.text
Size: 444KB - Virtual size: 443KB

.rdata
Size: 320KB - Virtual size: 320KB

.data
Size: 5.1MB - Virtual size: 5.1MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 29KB - Virtual size: 28KB