edc027564f5977286e563a3ee959aaf3a9f4537050402e7e141eb56f83efacd8

Sharing

Copy URL

Twitter E-mail

General

Target

edc027564f5977286e563a3ee959aaf3a9f4537050402e7e141eb56f83efacd8
Size

228KB
MD5

f851b5f0948c16af290e36a0f4cb9d01
SHA1

568a2cb3bdc72c971573d1dba45240830b8c9810
SHA256

edc027564f5977286e563a3ee959aaf3a9f4537050402e7e141eb56f83efacd8
SHA512

6b6922a98c8d990ec595d34ec50e9a62cca93a1de829679318dd9329a82ebcfa4497730cc0a32bb3a016f6acbf6ca3ea0f60d01dce2f3ce3589cd874dcac227c
SSDEEP

3072:QB7oOPa/VD/hbTCqVpqdQn7Z9XDhPTroJx9OjmvWOv4l:IzgVD/hT3TJTCWOv4

Score

N/A

Malware Config

Signatures

Files

edc027564f5977286e563a3ee959aaf3a9f4537050402e7e141eb56f83efacd8
.exe windows x86

111589b1929589afee7ef3327e6d90dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA
Shell_NotifyIconA
FindExecutableA
DuplicateIcon
DragFinish
ExtractAssociatedIconW
ExtractIconA

ole32

MonikerCommonPrefixWith
CreateOleAdviseHolder
ReleaseStgMedium
OleCreateFromDataEx
CoAddRefServerProcess

advapi32

ImpersonateSelf
InitiateSystemShutdownA
RegLoadKeyW
ChangeServiceConfigA
OpenBackupEventLogA
AccessCheckAndAuditAlarmW
DuplicateToken
CreateServiceA
OpenSCManagerW
GetCurrentHwProfileW

kernel32

LoadLibraryW
HeapReAlloc
GetConsoleCP
FlushFileBuffers
SetFilePointer
HeapSize
SetStdHandle
FormatMessageA
EnumSystemCodePagesW
SetCurrentDirectoryW
FindResourceExW
CallNamedPipeW
MoveFileA
OpenFileMappingA
CancelDeviceWakeupRequest
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
GetLastError
GetDiskFreeSpaceA
GetLogicalDrives
GetCommandLineA
HeapSetInformation
GetStartupInfoW
WriteConsoleW
MultiByteToWideChar
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
DecodePointer
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetProcAddress
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WideCharToMultiByte
LCMapStringW
HeapFree
CreateFileW
CloseHandle
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeW
Sleep
RtlUnwind

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 163KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

111589b1929589afee7ef3327e6d90dd

Headers

DLL Characteristics

File Characteristics

Imports

shell32

ole32

advapi32

kernel32

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 21KB

.rsrc Size: 163KB - Virtual size: 164KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 21KB

.rsrc
Size: 163KB - Virtual size: 164KB