e4bf579bb605726df67f9261427d9574b86a5198dc52732c62a91634bea78251

General

Target

e4bf579bb605726df67f9261427d9574b86a5198dc52732c62a91634bea78251
Size

694KB
MD5

29d8cebc9f38a0f06da737fcce08b490
SHA1

f3e990657bfda43c4d47843f7fc3fbda7336e6f4
SHA256

e4bf579bb605726df67f9261427d9574b86a5198dc52732c62a91634bea78251
SHA512

d9f1e008dca0ebda0a90a41a4362766d57558cd5a30116ef787a7ab848028e92d65c755ef5dc20fe9dcf49684616bfa875fd9acad63423b969126e10f1f24661
SSDEEP

12288:r0vSN3UbuJs9yi1/Q63q2yq7x3xDntNZJdo8NroJ:QvC3yud8/Q63+Y3xDntNZJdoiroJ

Score

N/A

Malware Config

Signatures

Files

e4bf579bb605726df67f9261427d9574b86a5198dc52732c62a91634bea78251
.exe windows x86

f03709c8ce52c37a75d6fbd5b3fc9835

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SuspendThread
CreateEventA
WriteFile
GetCurrentProcessId
DeleteFileA
CreateMutexA
IsDebuggerPresent
CreateThread
ExitThread
GetUserDefaultUILanguage
GetSystemDefaultLangID
GetFileSize
GetProcAddress
GetModuleHandleA
FatalExit
GetVersionExA
CloseHandle
GetComputerNameA
SetFilePointer
LocalAlloc
CreateFileA
GetCurrentDirectoryA
GetLogicalDrives
GetCommandLineA
GetCurrentProcess
VirtualFree
LoadLibraryA
DebugBreak
GetExitCodeProcess
GetCurrentThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
WaitForSingleObject
AllocConsole

user32

RegisterClassA
GetSystemMetrics
InSendMessage
GetCaretBlinkTime
EndMenu
GetCapture
ShowWindow
SetCapture
GetDialogBaseUnits
SendMessageA
FindWindowA
GetDoubleClickTime
CloseClipboard
GetCursor
GetMessageTime
GetSysColor
GetActiveWindow
GetFocus
MessageBoxA
CreateDialogParamA
wsprintfA

ole32

CoInitialize
CoFreeAllLibraries
OleUninitialize
CoSuspendClassObjects
CoUninitialize
CoFreeUnusedLibraries

gdi32

GdiFlush

shlwapi

SHReleaseThreadRef

Sections

.text
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 508KB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f03709c8ce52c37a75d6fbd5b3fc9835

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

gdi32

shlwapi

Sections

.text Size: 184KB - Virtual size: 183KB

.rsrc Size: 1KB - Virtual size: 1KB

.vmp0 Size: 508KB - Virtual size: 1.6MB

.text
Size: 184KB - Virtual size: 183KB

.rsrc
Size: 1KB - Virtual size: 1KB

.vmp0
Size: 508KB - Virtual size: 1.6MB