ec75e4df889a78c63e2d5819f251bcee3a200246aa39251286e026bfd6041329

Sharing

Copy URL Twitter E-mail

General

Target

ec75e4df889a78c63e2d5819f251bcee3a200246aa39251286e026bfd6041329
Size

338KB
MD5

f0fe0e3b2167663c27adb9f19bef5c8e
SHA1

9bcee652875f25139873dd17fc7f160466013acf
SHA256

ec75e4df889a78c63e2d5819f251bcee3a200246aa39251286e026bfd6041329
SHA512

4fd51abf8408c47861047dca371126ea3bbfda96d1a8f310740aca0b2c945855cd9ce879c0a41deea86103008253b1cfc42c19b1277aa22ab41ab879b9e49f64
SSDEEP

6144:YpRRd02rU7w1c7Q6sn9rFdcKL+XsuqRmoyOgDd/zyjKHqgzFlSr:stHAk1cPs9rtLfuqRmoyOgRwKKgz6r

Score

N/A

Malware Config

Signatures

Files

ec75e4df889a78c63e2d5819f251bcee3a200246aa39251286e026bfd6041329
.exe windows x86

7e2cb6d75f182066cb3e1f711ffd7175

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetStretchBltMode
GetBitmapBits
MoveToEx
GetBkMode
Polyline
GetClipBox
SetWindowOrgEx
CreateBitmap
CreateDCW
SetBkMode
SetViewportOrgEx
SelectClipRgn
CreateSolidBrush
GetTextMetricsA
PolyBezierTo

comctl32

ImageList_Destroy
InitCommonControlsEx
ImageList_Draw
ImageList_Create
CreatePropertySheetPageW
InitCommonControls
PropertySheetA
PropertySheetW

ntdll

RtlUnicodeToMultiByteN
RtlQueryRegistryValues
RtlRaiseStatus
RtlQueryEnvironmentVariable_U
RtlDosPathNameToNtPathName_U
NtOpenKey
NtOpenDirectoryObject
NtImpersonateAnonymousToken
_wcsnicmp
RtlGetOwnerSecurityDescriptor
RtlEnterCriticalSection
NtAllocateLocallyUniqueId
RtlxUnicodeStringToAnsiSize
RtlAnsiStringToUnicodeString
NtCreateSection
RtlAddAce
RtlConvertSidToUnicodeString
RtlNtStatusToDosError
NtQueryInformationProcess
NtWaitForMultipleObjects
RtlUnicodeStringToOemString
RtlGetDaclSecurityDescriptor
RtlInitializeResource
wcscat
RtlCreateUserThread
NtDeviceIoControlFile
RtlLengthSid
NtTerminateProcess
RtlInitializeSid
_stricmp
RtlxAnsiStringToUnicodeSize
RtlTimeToTimeFields
RtlInitializeGenericTable
NtWriteFile

kernel32

GlobalLock
GetFileAttributesA
EnterCriticalSection
GetCommandLineW
GetProcessHeap
GetModuleHandleW
GetTickCount
WaitForSingleObject
CreateProcessA
GetVersion
CreateThread
FindClose
FindResourceA
DeleteFileW
MultiByteToWideChar
GetSystemTimeAsFileTime
SetEvent
TlsGetValue
OpenEventW
GetCurrentThreadId
GetModuleHandleA
FlushFileBuffers
InterlockedDecrement
FileTimeToLocalFileTime
SetHandleCount
GetACP
GetModuleFileNameW
DisableThreadLibraryCalls
SetEndOfFile
HeapSize
CompareStringW
UnmapViewOfFile
GetEnvironmentStrings
GetExitCodeThread
lstrcmpA
Sleep
WriteConsoleW
lstrcpyA
ResetEvent
CreateDirectoryW
SystemTimeToFileTime
GetDriveTypeW
FindResourceW
GetThreadLocale
CreateMutexA
GetLocaleInfoW
ReadFile
LoadLibraryExW
GetSystemInfo
TlsSetValue
GetVersionExA
CreateMutexW
GetEnvironmentStringsW
CreateEventA
GetFileSize
GlobalFree
SetLastError
SizeofResource
OpenEventA
VirtualAlloc
GetSystemDirectoryW
TlsFree
IsBadReadPtr
GetStdHandle
VirtualProtect
GetCurrentProcessId
GetFileAttributesW
VirtualQuery
LocalFree
GetUserDefaultLCID
GetLocaleInfoA
OutputDebugStringA
CreateFileMappingA
QueryPerformanceCounter
GetSystemTime

comdlg32

PrintDlgW
PrintDlgExW
ChooseColorW
GetSaveFileNameA
PageSetupDlgA
ChooseFontW
GetOpenFileNameA
FindTextA
GetSaveFileNameW
ChooseFontA
GetFileTitleA
GetFileTitleW
PrintDlgA
ChooseColorA
CommDlgExtendedError
GetOpenFileNameW
FindTextW

msvcrt

exit

Sections

.tls
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbss
Size: 218KB - Virtual size: 621KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 1024B - Virtual size: 995B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e2cb6d75f182066cb3e1f711ffd7175

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

comctl32

ntdll

kernel32

comdlg32

msvcrt

Sections

.tls Size: 5KB - Virtual size: 4KB

.code Size: 14KB - Virtual size: 13KB

.textbss Size: 218KB - Virtual size: 621KB

DATA Size: 1024B - Virtual size: 995B

.rsrc Size: 98KB - Virtual size: 98KB

.tls
Size: 5KB - Virtual size: 4KB

.code
Size: 14KB - Virtual size: 13KB

.textbss
Size: 218KB - Virtual size: 621KB

DATA
Size: 1024B - Virtual size: 995B

.rsrc
Size: 98KB - Virtual size: 98KB