e06e522177cebe6a1cf04ff578f3206537e336b5da04c3e75f4dd7cff7ad5fe2

Sharing

Copy URL Twitter E-mail

General

Target

e06e522177cebe6a1cf04ff578f3206537e336b5da04c3e75f4dd7cff7ad5fe2
Size

99KB
MD5

799b433701ea8bac17c48596a37efbe4
SHA1

20a2ed83ea656f58d6a90e2a70a9e51f0ecd18a3
SHA256

e06e522177cebe6a1cf04ff578f3206537e336b5da04c3e75f4dd7cff7ad5fe2
SHA512

2bb75054a1a8aeac3b0205101de003dfb03b14e62684e36c5a441a711b555b265c818a569538b520a6f80e646c49490c7e6498d16e53d0eaaa8453875bd67928
SSDEEP

3072:8dI1Xf9QBMBt+2tdSdi74i7GUTqgppQh:B1f9QBz2tdScMiCUOgpC

Score

N/A

Malware Config

Signatures

Files

e06e522177cebe6a1cf04ff578f3206537e336b5da04c3e75f4dd7cff7ad5fe2
.exe windows x86

090891d3cf86a9b3c1a9e25188ccc7f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

printf
exit
__p__fmode
_except_handler3
__set_app_type
fprintf
__p__commode
_adjust_fdiv
_exit
_XcptFilter
__getmainargs
fclose
__setusermatherr
calloc
_acmdln
strcmp
free
_initterm

kernel32

LoadLibraryExW
InterlockedIncrement
GetTempPathA
GetModuleHandleW
GetFileAttributesW
VirtualProtectEx
GetEnvironmentVariableA
GetProcAddress

advapi32

RegCloseKey
CryptCreateHash
RegDeleteKeyW
OpenServiceW
RegOpenKeyW
CryptDestroyHash

ole32

ReleaseStgMedium
ProgIDFromCLSID
CreateStreamOnHGlobal
CoCreateGuid
CreateILockBytesOnHGlobal

user32

GetScrollRange
GetClassNameA
UnhookWindowsHookEx
GetWindowThreadProcessId

gdi32

DeleteEnhMetaFile
CreatePenIndirect
GetPaletteEntries
GetNearestPaletteIndex
GetTextMetricsW
GetMetaFileBitsEx
GetWindowOrgEx
MaskBlt
EnumEnhMetaFile

oleaut32

SafeArrayPtrOfIndex
SetErrorInfo
SafeArrayRedim
VariantCopyInd
SysFreeString
SafeArrayGetElement
SysAllocStringByteLen

shell32

FindExecutableW
ExtractIconA
SHBindToParent
ShellExecuteExW
ShellExecuteEx
SHGetSpecialFolderLocation

comctl32

ImageList_AddMasked
ImageList_GetImageCount
ImageList_Destroy
ImageList_Draw

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 38KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

090891d3cf86a9b3c1a9e25188ccc7f5

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

ole32

user32

gdi32

oleaut32

shell32

comctl32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 38KB - Virtual size: 63KB

.rsrc Size: 55KB - Virtual size: 136KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 38KB - Virtual size: 63KB

.rsrc
Size: 55KB - Virtual size: 136KB