e4894c717f25537ade4488d37b54865f572cac1cc9c93705f8ef29b8e770bdd4

General

Target

e4894c717f25537ade4488d37b54865f572cac1cc9c93705f8ef29b8e770bdd4
Size

207KB
MD5

1ba95ef2ef2d3683db8d2aca4102f18e
SHA1

c7610e90469ff620eb8d3337f836728354a55b3e
SHA256

e4894c717f25537ade4488d37b54865f572cac1cc9c93705f8ef29b8e770bdd4
SHA512

df2f183b00083105191d48c21eae056cbc31c99b82ffeed31507a5b18bd4029100bce1fa7440a38ad71948e51f0f3939d51b552c083d1be7531611cd8ee1c817
SSDEEP

6144:36p6YOpLSBqY17afP8zaqVBe6ywlW1ADcEUGzPCi:3sNO1SBa8za9Z86ADcEUW

Score

N/A

Malware Config

Signatures

Files

e4894c717f25537ade4488d37b54865f572cac1cc9c93705f8ef29b8e770bdd4
.exe windows x86

5ee4b29ef9fc1b45f79edca5a1f43ba1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetNumberFormatW
TerminateProcess
GetNamedPipeHandleStateW
GetLogicalDriveStringsA
GetProcAddress
VirtualAlloc
HeapReAlloc
GetLongPathNameA
LocalUnlock
GetSystemTimeAsFileTime
GetCurrentProcessId
HeapAlloc
LoadModule
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleA
lstrcmpi
lstrcatW
EnumSystemLocalesW
InterlockedExchange
RtlUnwind
WriteConsoleOutputAttribute
EnumCalendarInfoExW
VirtualQuery
IsDebuggerPresent
ReadConsoleA
FreeLibrary
HeapCreate
TerminateThread
ExitProcess
GetTickCount
GetExitCodeProcess
CreateToolhelp32Snapshot
HeapFree
CreateProcessW
GetModuleFileNameA
OpenFileMappingA
LoadLibraryA
QueryPerformanceCounter
GetAtomNameW

shell32

ExtractIconA
RealShellExecuteExA
ExtractAssociatedIconA
SHGetFileInfo
DoEnvironmentSubstW
SHBrowseForFolderW
SHGetSpecialFolderPathW
SheChangeDirA
ExtractAssociatedIconExA
SHQueryRecycleBinW
RealShellExecuteA
DragQueryFileW
SHFreeNameMappings
SHFileOperation
SheGetDirA
SHChangeNotify
DuplicateIcon
DragQueryFileAorW
SHGetPathFromIDListW

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ee4b29ef9fc1b45f79edca5a1f43ba1

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 70KB - Virtual size: 69KB

.data Size: 125KB - Virtual size: 125KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 70KB - Virtual size: 69KB

.data
Size: 125KB - Virtual size: 125KB

.rsrc
Size: 11KB - Virtual size: 10KB