e2a63790f641f0eef2689f693740d566b9d701ed3d30aae745ffd0ae4acec342

Sharing

Copy URL

Twitter E-mail

General

Target

e2a63790f641f0eef2689f693740d566b9d701ed3d30aae745ffd0ae4acec342
Size

190KB
MD5

0efd60d786dcbb576ae58e972c1a2af7
SHA1

3e5dbf1c1705301e7c74702eaf2a15dbe61633b9
SHA256

e2a63790f641f0eef2689f693740d566b9d701ed3d30aae745ffd0ae4acec342
SHA512

5053692afa2765c832f1ab031d096a0be27189e9ef96ca2e6d3aa991fbd5312c16130c59ede024a32f531fe2cd6caf4d542e5b7a75d43543134f6df0b7d68c7f
SSDEEP

3072:tJHZhFQur3ZsZ3o2HO/Kmj0itWbTV8NVT+x02z6YF69XJ79eoExd8:HHZPDri3MiQtWaNdqBz6YKDbOd

Score

N/A

Malware Config

Signatures

Files

e2a63790f641f0eef2689f693740d566b9d701ed3d30aae745ffd0ae4acec342
.exe windows x86

fb94e0ad940d3f5d51020db8553812c7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateDesktopA
PostMessageA
GetDlgItemTextW
PeekMessageA
LoadMenuW
IsDialogMessageA
CharToOemA
IsCharLowerA
GetClassLongA
CreateWindowExA
GetPropW
DrawStateW
InsertMenuW
DispatchMessageA
GetMessageW
LoadIconW
LoadCursorW

shlwapi

UrlGetLocationA
PathIsRootW
UrlHashW
UrlIsW
PathCombineW
UrlCanonicalizeW
UrlCompareW
UrlCreateFromPathW
UrlEscapeW
UrlCombineW
UrlUnescapeW

shell32

StrChrA
ShellAboutW
DragQueryFileW
DllUnregisterServer
StrRChrA
SHChangeNotify
SHGetDiskFreeSpaceA
ExtractIconW
SHGetDataFromIDListA
SHAlloc

kernel32

GetCommandLineA
GetModuleHandleA
GetTickCount
CreateFileW
LoadLibraryExW
VirtualAllocEx
GetProcessHeap
FindFirstFileA
SetCurrentDirectoryW
CreateMutexW
LoadLibraryW
CloseHandle
GetCurrentDirectoryW
GetTempPathA
Sleep
GetACP
GetLongPathNameW
HeapReAlloc

comsvcs

RecycleSurrogate
CoLoadServices
CoEnterServiceDomain

advapi32

GetUserNameA
OpenEventLogW
RegOpenKeyA
RegUnLoadKeyA
RegDeleteValueW
RegEnumKeyA
CryptSignHashA
InitializeSid
RegReplaceKeyA
ReadEventLogA
RegLoadKeyA
RegRestoreKeyA
RegSaveKeyW

clusapi

CloseClusterNode
CloseClusterGroup

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.kdata
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ldata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloy
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb94e0ad940d3f5d51020db8553812c7

Headers

DLL Characteristics

File Characteristics

Imports

user32

shlwapi

shell32

kernel32

comsvcs

advapi32

clusapi

Sections

.text Size: 22KB - Virtual size: 21KB

.kdata Size: 160KB - Virtual size: 159KB

.ldata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloy Size: 4KB - Virtual size: 3KB

.text
Size: 22KB - Virtual size: 21KB

.kdata
Size: 160KB - Virtual size: 159KB

.ldata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloy
Size: 4KB - Virtual size: 3KB