9e858b980abf7c9ed029b4eb6901d899d25eb2824f0c4f22af349387005252f6

Sharing

Copy URL Twitter E-mail

General

Target

9e858b980abf7c9ed029b4eb6901d899d25eb2824f0c4f22af349387005252f6
Size

226KB
MD5

a0300c43185ab3d94962cd115f5fb7a3
SHA1

eb5acd9e13949ceb52d24070a822307fb3383b74
SHA256

9e858b980abf7c9ed029b4eb6901d899d25eb2824f0c4f22af349387005252f6
SHA512

647d5beb86f74775fdf573581480d1b282a5302d3c9b635bcb6ce28e004783bd8eee38ea4270cbf19a826391d74d766510a4281a7e8875760a9b977e43946263
SSDEEP

3072:WibUh9FCKmHWY5Z3726eS+mF0nE04fvf3UA70iDY+pIbmx:WibUhHCz2UnfH2iYbm

Score

N/A

Malware Config

Signatures

Files

9e858b980abf7c9ed029b4eb6901d899d25eb2824f0c4f22af349387005252f6
.exe windows x86

2b4fbb570bfe9ff6badabe206e58f732

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ExtractIconExW
ShellExecuteExW
FindExecutableA
DragQueryFileA
DragQueryFileW
ExtractIconA
Shell_NotifyIconW
ShellExecuteExA

ole32

OleQueryLinkFromData
DoDragDrop
WriteClassStg
CoFileTimeNow

advapi32

LookupAccountNameW
RegSetValueExW
GetSidIdentifierAuthority
DeleteService
GetKernelObjectSecurity
PrivilegedServiceAuditAlarmA
AllocateAndInitializeSid
RegRestoreKeyA

kernel32

FlushFileBuffers
GetConsoleCP
HeapSize
CloseHandle
WriteConsoleW
SetFilePointer
SetStdHandle
CreateFileW
GetConsoleMode
SetUnhandledExceptionFilter
GetProfileIntA
TerminateProcess
GetDiskFreeSpaceExA
AddAtomW
GetFileType
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
DecodePointer
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThreadId
GetLastError
GetProcAddress
UnhandledExceptionFilter
IsDebuggerPresent
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapFree
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringW
MultiByteToWideChar
GetStringTypeW
HeapAlloc
HeapReAlloc
RtlUnwind
LoadLibraryW
IsProcessorFeaturePresent

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 163KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b4fbb570bfe9ff6badabe206e58f732

Headers

DLL Characteristics

File Characteristics

Imports

shell32

ole32

advapi32

kernel32

Sections

.text Size: 43KB - Virtual size: 43KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 163KB - Virtual size: 164KB

.text
Size: 43KB - Virtual size: 43KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 163KB - Virtual size: 164KB