e2c00a0864564d0790604768594f851a44d18512ad7163a18ee9e743a3df6635

Sharing

Copy URL Twitter E-mail

General

Target

e2c00a0864564d0790604768594f851a44d18512ad7163a18ee9e743a3df6635
Size

282KB
MD5

6f12dde0d62372cb08952bcd1fe5a48d
SHA1

365831cf1d5c613b652bc69053ae8eee825f45e7
SHA256

e2c00a0864564d0790604768594f851a44d18512ad7163a18ee9e743a3df6635
SHA512

bce10956e0281928ea33cbf782f0ceef212d6157b4ce2cf3ce530968ad28531f0aa7ce7bd96922739609ce8f3a5da2dddb4b85add8e305b7d245f5bc96e5983a
SSDEEP

6144:EPAaqkkFJkpfKieEZrkzbPYfbyK+CZohVktjlc3srdLUdpNdDVc9MqUgcB2CDUGQ:YHqZkpfKieEZrkzbPYfbyK+CZauZwpNw

Score

N/A

Malware Config

Signatures

Files

e2c00a0864564d0790604768594f851a44d18512ad7163a18ee9e743a3df6635
.exe windows x86

04ed877cd611f35e95a23da042e57401

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetDateFormatA
lstrlenA
InterlockedIncrement
InterlockedDecrement
lstrlenW
GetModuleFileNameA
GetLastError
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
DeleteCriticalSection
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
SetStdHandle
InitializeCriticalSection
RaiseException
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
FreeLibrary
InterlockedExchange
CloseHandle
SetFilePointer
GetLocaleInfoW
GetOEMCP
IsBadCodePtr
IsBadReadPtr
FlushFileBuffers
LoadLibraryA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitProcess
HeapReAlloc
GetCommandLineA
LCMapStringA
LCMapStringW
GetCPInfo
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetProcAddress
TerminateProcess
GetCurrentProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetUnhandledExceptionFilter
HeapSize
WriteFile
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeA

user32

LoadStringA
CharNextA

advapi32

RegEnumKeyExA
RegQueryInfoKeyA
RegCloseKey
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegSetValueExA

ole32

CoInitialize
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

VarUI4FromStr
SysAllocString
VariantTimeToSystemTime
VariantChangeType
VariantClear
VariantInit

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 192KB - Virtual size: 1.3MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

04ed877cd611f35e95a23da042e57401

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 68KB - Virtual size: 68KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 9KB

.vmp0 Size: 192KB - Virtual size: 1.3MB

.text
Size: 68KB - Virtual size: 68KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 9KB

.vmp0
Size: 192KB - Virtual size: 1.3MB