e3da3831265a85aad4a1e4496e5988a77032c8709f06117f9b673656d4d7f6a9

Sharing

Copy URL Twitter E-mail

General

Target

e3da3831265a85aad4a1e4496e5988a77032c8709f06117f9b673656d4d7f6a9
Size

214KB
MD5

c61eb1f00532a68964b676fe7f371fcd
SHA1

e3a0f7856b213485e0cb3cb591e20a95b8d9882a
SHA256

e3da3831265a85aad4a1e4496e5988a77032c8709f06117f9b673656d4d7f6a9
SHA512

fab9cc16c51df84c4932b74193bbc506abafe1078cfa403b3124b36cef32f6aa1169c68d66749185962140a187e5d98f7d619b815dd8d7d2ebc7b087f7734b3c
SSDEEP

6144:rh8oiERGtUV3QN3aefZc5P1SqjNteswccy7c35o:18eRgau3aexcrTNFcy7N

Score

N/A

Malware Config

Signatures

Files

e3da3831265a85aad4a1e4496e5988a77032c8709f06117f9b673656d4d7f6a9
.exe windows x86

5e2edfd6c8f317a5e40bad5c9b01f06e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GlobalFindAtomA
CreateNamedPipeA
WaitForMultipleObjects
Beep
CreateMutexA
GetShortPathNameA
lstrcpy
LoadResource
GetTimeFormatA
EndUpdateResourceW
GetCurrentProcessId
GetLongPathNameW
CopyFileExA
lstrcpynW
OpenSemaphoreW
CreateFileMappingW
ExpandEnvironmentStringsA
GetFileTime
CreateMailslotA
lstrcmpA
FileTimeToDosDateTime
GetLocaleInfoW
FreeLibrary
GetModuleHandleA
GetTempFileNameA
IsBadStringPtrW
OpenWaitableTimerW
GetFullPathNameW
LoadLibraryW
lstrcpyA
GetHandleInformation
GetCalendarInfoA
LoadLibraryA
DisconnectNamedPipe
GetProcAddress
GetMailslotInfo
EnumCalendarInfoW
GetLocaleInfoA
GetComputerNameA
FileTimeToSystemTime
GetSystemTime
SuspendThread
FindAtomW
CompareStringW

user32

GetCapture
GetWindowDC
ShowCaret
CreateDialogIndirectParamW
GetClassNameW
EnumDesktopsW
GetDlgItemTextA
DefFrameProcA
GetCapture
SetParent
SetCursorPos
CheckMenuRadioItem
GetMessageW
GetMenuItemInfoW
InsertMenuW
AppendMenuA
CreateWindowExA
MonitorFromPoint
SetMenu
EnumDesktopWindows
IsWindow
PostMessageW
GetMenuState
UpdateLayeredWindow
SetWindowLongA
GetWindowTextW
LoadIconW
CloseWindow
SetActiveWindow
GetKeyboardLayout
SetFocus
GetMenuInfo
GetClassInfoExA
GetSubMenu
CreateDesktopA
GetKeyboardType
GetMenuItemID
EnumChildWindows
BringWindowToTop
EnableWindow
FindWindowA
DialogBoxIndirectParamA
GetClientRect

gdi32

GetICMProfileW
EqualRgn
GetPixelFormat
SelectClipPath
CreatePatternBrush
FloodFill
ResetDCA
CreatePalette
PlayMetaFile
UpdateICMRegKeyA
LineTo
CreatePolygonRgn
GetDCOrgEx
GetCharWidthFloatW
StrokeAndFillPath
Rectangle
CreateScalableFontResourceW
GetRandomRgn
SetMetaRgn
CopyMetaFileW
SetLayout
CreateFontW
GetObjectW

advapi32

RegCloseKey
RegQueryMultipleValuesW
RegSetValueA
RegDeleteValueW
RegEnumValueW
RegQueryValueA
RegRestoreKeyA
RegEnumKeyExA
RegRestoreKeyW
RegQueryInfoKeyA

shlwapi

StrFormatByteSizeW
SHRegEnumUSValueW
SHDeleteKeyW
SHRegQueryUSValueW
PathUnExpandEnvStringsA
PathRemoveArgsW
StrStrW

comdlg32

ChooseFontA
PrintDlgA
PrintDlgW
LoadAlterBitmap
ReplaceTextW
GetSaveFileNameW
GetFileTitleW
PrintDlgExW
GetFileTitleA
GetOpenFileNameW

ole32

IsValidIid
GetClassFile
CoDisconnectObject
CLSIDFromString
CoGetInstanceFromIStorage
CoInitializeEx

oleaut32

VarBoolFromI2
VarR4FromStr
GetAltMonthNames
VarBstrFromI1
VarI8FromCy
VarUI4FromI8

version

GetFileVersionInfoSizeA
VerInstallFileA

ws2_32

connect
getservbyname
inet_ntoa
shutdown
getpeername
WSAEventSelect
accept
WSAAccept
WSAConnect

urlmon

URLDownloadToCacheFileA
CoGetClassObjectFromURL
HlinkSimpleNavigateToMoniker
IsLoggingEnabledA
CopyBindInfo
URLDownloadToFileA
DllCanUnloadNow
IsJITInProgress

winspool.drv

GetPrinterDriverDirectoryA
EnumPrinterKeyW
SetPrinterA
SetPrinterDataW
EndDocPrinter
CreatePrinterIC
GetSpoolFileHandle
AddPrinterW
XcvDataW
AddPrinterConnectionW

inetcomm

MimeOleGetPropertySchema
EssReceiptRequestDecodeEx
CreateIMAPTransport
MimeOleSetBodyPropA
MimeOleParseMhtmlUrl
MimeOleGetBodyPropW
HrGetDisplayNameWithSizeForFile
EssReceiptRequestEncodeEx
MimeOleGetRelatedSection

oledlg

OleUIChangeIconW
OleUIPromptUserW
OleUIBusyA
OleUIAddVerbMenuW
OleUIUpdateLinksA
OleUIBusyW
OleUIUpdateLinksW
OleUIChangeIconA

wsock32

EnumProtocolsW
accept
GetServiceA
WSACancelAsyncRequest
WSApSetPostRoutine
WSASetLastError
WSAAsyncGetServByPort
WSAStartup
listen
WSACancelBlockingCall
recv
NPLoadNameSpaces

crypt32

CryptSignCertificate
CertAlgIdToOID
I_CryptCreateLruEntry
CertFindCertificateInStore
CertStrToNameA
I_CryptReadTrustedPublisherDWORDValueFromRegistry
CryptDecryptAndVerifyMessageSignature

Sections

.edata
Size: 1KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 22KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e2edfd6c8f317a5e40bad5c9b01f06e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

comdlg32

ole32

oleaut32

version

ws2_32

urlmon

winspool.drv

inetcomm

oledlg

wsock32

crypt32

Sections

.edata Size: 1KB - Virtual size: 30KB

.rdata Size: 1024B - Virtual size: 5KB

.rdata Size: 17KB - Virtual size: 16KB

.edata Size: 1KB - Virtual size: 22KB

.rdata Size: 1024B - Virtual size: 5KB

.rdata Size: 6KB - Virtual size: 6KB

.rdata Size: 1024B - Virtual size: 26KB

.edata Size: 1KB - Virtual size: 40KB

.data Size: 6KB - Virtual size: 11KB

.rdata Size: 1024B - Virtual size: 25KB

.edata Size: 1KB - Virtual size: 37KB

.rsrc Size: 172KB - Virtual size: 172KB

.reloc Size: 1024B - Virtual size: 4KB

.edata
Size: 1KB - Virtual size: 30KB

.rdata
Size: 1024B - Virtual size: 5KB

.rdata
Size: 17KB - Virtual size: 16KB

.edata
Size: 1KB - Virtual size: 22KB

.rdata
Size: 1024B - Virtual size: 5KB

.rdata
Size: 6KB - Virtual size: 6KB

.rdata
Size: 1024B - Virtual size: 26KB

.edata
Size: 1KB - Virtual size: 40KB

.data
Size: 6KB - Virtual size: 11KB

.rdata
Size: 1024B - Virtual size: 25KB

.edata
Size: 1KB - Virtual size: 37KB

.rsrc
Size: 172KB - Virtual size: 172KB

.reloc
Size: 1024B - Virtual size: 4KB