8edb7a182b20948aa3f391312e06f153928110b773ad6c6deaab1f87757cda9a

Sharing

Copy URL Twitter E-mail

General

Target

8edb7a182b20948aa3f391312e06f153928110b773ad6c6deaab1f87757cda9a
Size

161KB
MD5

6eabdf49539ef8be2bdfde4b15844331
SHA1

00cb8ac2b176e17b686590c3305d2bc6ee37866e
SHA256

8edb7a182b20948aa3f391312e06f153928110b773ad6c6deaab1f87757cda9a
SHA512

4df145820126f3b7bd6a950ee339b5978970de198ee59937860021bc8eea34515a17f0b0ed4b40d62596dd76cad8ae02be06eb33024e1e312c9700a9a278ec19
SSDEEP

3072:s8VOHoYlZpw8Ag0FuyEDAz0bpd9b/HJ1:8HoYlZK8AOlAAbpd9j

Score

N/A

Malware Config

Signatures

Files

8edb7a182b20948aa3f391312e06f153928110b773ad6c6deaab1f87757cda9a
.exe windows x86

a35d1a660edeb14f7d8cbe6ba54bef67

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
IsDebuggerPresent
UnhandledExceptionFilter
GetSystemTimeAsFileTime
HeapSize
GetTickCount
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
SetUnhandledExceptionFilter
GetModuleFileNameW
LoadLibraryW
LCMapStringW
GetStringTypeW
HeapReAlloc
CreateActCtxA
GetLastError
GetCurrentProcess
CloseHandle
GetLocalTime
MultiByteToWideChar
HeapCreate
LocalAlloc
GetProcAddress
GetProcessHandleCount
lstrcpyA
FreeLibrary
LoadLibraryA
EnumSystemCodePagesW
AllocConsole
GetStdHandle
GetModuleHandleA
GetCurrentProcessId
WriteFile
ExitProcess
InterlockedDecrement
GetCurrentThreadId
SetLastError
GetModuleHandleW
InterlockedIncrement
TlsFree
DecodePointer
RaiseException
RtlUnwind
HeapFree
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
IsProcessorFeaturePresent
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue

user32

IsDlgButtonChecked
LoadBitmapA
SetTimer
KillTimer
LoadImageA
DefWindowProcA
BeginPaint
ReleaseDC
EndPaint
GetWindow
GetMonitorInfoA
SendMessageA
GetWindowRect
MonitorFromRect
GetClientRect
InvalidateRect
LoadIconA
LoadCursorA
RegisterClassExA
CreateDialogParamA
ShowWindow
UpdateWindow
IsDialogMessageA
TranslateMessage
DispatchMessageA
GetMessageA
DialogBoxParamA
DestroyWindow
GetDC
SetFocus
MoveWindow
PostQuitMessage
CreateWindowExA
GetSystemMetrics
SetWindowRgn

gdi32

CreateDIBSection
GdiFlush
GetObjectA
DeleteObject
SelectObject
CreateRectRgn
CreateFontW
BitBlt
CreatePen
CreateSolidBrush
Ellipse
CreateFontIndirectA
BeginPath
SetBkMode
TextOutA
EndPath
PathToRegion
CreateCompatibleDC

comdlg32

ChooseFontA

advapi32

LookupAccountNameA
OpenProcessToken
GetTokenInformation
SetNamedSecurityInfoA
InitializeSecurityDescriptor
SetSecurityDescriptorOwner
SetFileSecurityA

ole32

CLSIDFromString

msimg32

GradientFill

secur32

LsaGetLogonSessionData

dbghelp

SymGetSymFromAddr
UnDecorateSymbolName

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a35d1a660edeb14f7d8cbe6ba54bef67

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

msimg32

secur32

dbghelp

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 16KB - Virtual size: 19KB

.rsrc Size: 49KB - Virtual size: 48KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 49KB - Virtual size: 48KB

.reloc
Size: 6KB - Virtual size: 6KB