8e3a47927aa6c1173d640e1ffe26f7a533ef3d623f517fc1f3c87598e7f751e8

Sharing

Copy URL

Twitter E-mail

General

Target

8e3a47927aa6c1173d640e1ffe26f7a533ef3d623f517fc1f3c87598e7f751e8
Size

1.2MB
MD5

b7c704a215da3a8771572670e3acca2b
SHA1

3f4b426a907eaefb94e15b54ecd1890beec90993
SHA256

8e3a47927aa6c1173d640e1ffe26f7a533ef3d623f517fc1f3c87598e7f751e8
SHA512

21f1ebc162a9b0fcde3da7ae23ff2667e0e5444ab9eefdf8c0ac3575a2d9c49bf143828ab230704d1c568b2917634e7c1e086b4c1c40e685404ba505acd6aeed
SSDEEP

24576:bac7yLgZEPsDrfPxWbpbdOTnIAXVBA4xx:zO8SKW1bdOTPU4xx

Score

N/A

Malware Config

Signatures

Files

8e3a47927aa6c1173d640e1ffe26f7a533ef3d623f517fc1f3c87598e7f751e8
.exe windows x86

d16e9073428f2b62f9f02cb3a3d2a3e3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileW
FindFirstFileW
MoveFileW
DeleteFileW
TlsAlloc
GetFileAttributesExW
GetModuleFileNameW
GetFileAttributesW
GetCommandLineW
VerSetConditionMask
VerifyVersionInfoW
GetStdHandle
GetFileType
SetLastError
GetConsoleOutputCP
GetModuleHandleA
Sleep
QueryPerformanceCounter
ReleaseSemaphore
ResetEvent
GetModuleFileNameA
MultiByteToWideChar
lstrlenW
DisableThreadLibraryCalls
GetVersionExW
CreateEventW
CloseHandle
SetEvent
WaitForSingleObject
GetProcessHeap
TlsFree
InterlockedIncrement
GetModuleHandleW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcmpW
SetThreadPriority
IsProcessorFeaturePresent
DebugBreak
QueryPerformanceFrequency
MulDiv
HeapAlloc
InterlockedCompareExchange
CreateEventA
WideCharToMultiByte
OutputDebugStringA
RtlUnwind
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetVersion
LocalAlloc
GetEnvironmentStrings
GetEnvironmentStringsW
GetDiskFreeSpaceA
SystemTimeToFileTime
GlobalMemoryStatus
GetConsoleAliasExesLengthW
AddConsoleAliasW
GetLocalTime
CreateFileW
SetFilePointerEx
TlsSetValue
FreeLibrary
OutputDebugStringW
GetStartupInfoA
CreateFileA
ExitProcess
CreateDirectoryExW
HeapFree
ExitThread
GetConsoleAliasesW

user32

EnumDisplayMonitors
FillRect
GetDC
GetDesktopWindow
EnumDisplaySettingsW
InvalidateRect
EnumDisplayDevicesW
IsIconic
MapWindowPoints
MonitorFromWindow
DefWindowProcW
SetForegroundWindow
SetWindowLongW
MonitorFromRect
GetForegroundWindow
GetWindowRect
RegisterClassW
CreateWindowExW
IsWindow
CharNextA
LoadStringW
IntersectRect

advapi32

IsTextUnicode
RegCloseKey
RegCreateKeyW
RegSetValueW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExW
RegQueryValueExW

ole32

CoTaskMemAlloc
CoTaskMemFree
PropVariantCopy
CoCreateInstance
CoUninitialize
StringFromGUID2
CoFreeUnusedLibraries

msvcrt

malloc
free

winmm

timeBeginPeriod
timeEndPeriod

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d16e9073428f2b62f9f02cb3a3d2a3e3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

winmm

Sections

.text Size: 120KB - Virtual size: 119KB

.idata Size: 8KB - Virtual size: 4KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 108KB - Virtual size: 2.7MB

.rsrc Size: 32KB - Virtual size: 28KB

.text
Size: 120KB - Virtual size: 119KB

.idata
Size: 8KB - Virtual size: 4KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 108KB - Virtual size: 2.7MB

.rsrc
Size: 32KB - Virtual size: 28KB