aebac8f65a18886a55b5c1ed12df5473d54a78624ade456c2c6837e30a84ca5a

Sharing

Copy URL Twitter E-mail

General

Target

aebac8f65a18886a55b5c1ed12df5473d54a78624ade456c2c6837e30a84ca5a
Size

456KB
MD5

53ce4135061e993b3300460d3c9b8ef9
SHA1

4ae5f8699fada54fcdced49d4984cd8f1f001d6c
SHA256

aebac8f65a18886a55b5c1ed12df5473d54a78624ade456c2c6837e30a84ca5a
SHA512

06ca98e2f1ff3f82d09cf01adc4f6adbe808593bb7314ec5f0e671ea4e2df0e0641e51cb62639c5a0f53b6f431c69c833902402e4b6da744f75f30fa7c9b4812
SSDEEP

12288:3tFVq5ICY9gysTongDH/ye8Y9rmoaiPMWOw5lQk:3kaCgIPuoRUw5ik

Score

N/A

Malware Config

Signatures

Files

aebac8f65a18886a55b5c1ed12df5473d54a78624ade456c2c6837e30a84ca5a
.exe windows x86

2e1eb77e635d1ce84c61baf54f915f85

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

lz32

LZCopy
LZOpenFileA
LZClose

kernel32

CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
TerminateProcess
CloseHandle
LoadLibraryA
GetProcAddress
GetSystemDirectoryA
GetFileAttributesA
SetFileAttributesA
DeleteFileA
FreeLibrary
GetWindowsDirectoryA
lstrcatA
CreateFileA
GetFileSize
GetVersionExA
SetEndOfFile
CreateMutexA
GetLastError
WriteFile
ReadFile
GetModuleFileNameA
GetTickCount
FindResourceA
SizeofResource
LoadResource
LockResource
ExitProcess
GetStringTypeA
LCMapStringW
GetVolumeInformationA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetFilePointer
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetCurrentProcess
HeapFree
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapAlloc
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetStdHandle
FlushFileBuffers
GetACP
GetOEMCP
GetCPInfo
RtlUnwind
InterlockedExchange
VirtualQuery
HeapSize
QueryPerformanceCounter

user32

wsprintfA

shlwapi

StrChrA
StrStrIA

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 400KB - Virtual size: 398KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.newsec
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2e1eb77e635d1ce84c61baf54f915f85

Headers

File Characteristics

Imports

lz32

kernel32

user32

shlwapi

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 400KB - Virtual size: 398KB

.newsec Size: 12KB - Virtual size: 12KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 400KB - Virtual size: 398KB

.newsec
Size: 12KB - Virtual size: 12KB