e09f8bf937543d1f7daa56662d0b210b81c47f5ae6870c904a14fa47fcecfb83

Sharing

Copy URL Twitter E-mail

General

Target

e09f8bf937543d1f7daa56662d0b210b81c47f5ae6870c904a14fa47fcecfb83
Size

186KB
MD5

164903ce22a3b2f0efac6ad245837116
SHA1

1f719ae32d604ebb0095c5c05e88dea5ef1c822f
SHA256

e09f8bf937543d1f7daa56662d0b210b81c47f5ae6870c904a14fa47fcecfb83
SHA512

02b7844507487762e852d841fe9214f5f278f6e0215ea226f4979f201b2c68c078814bb27791a0f90683145c56565d5c33668da7de22bef615dd515a34778d23
SSDEEP

3072:aR+MenYU9hOi4+XPzgKp4i+Zoyy4mvWUGqISg0efQz1fHBroIJOdm6+0dlmvU2cR:9d7zXPzgLLoVbvWUGqHg4zRhbJO46Hl3

Score

N/A

Malware Config

Signatures

Files

e09f8bf937543d1f7daa56662d0b210b81c47f5ae6870c904a14fa47fcecfb83
.exe windows x86

67b52652514f1907c58f4be7017de2a3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFolderPathW
DragAcceptFiles

advapi32

GetUserNameW
SetSecurityDescriptorDacl
RegSetValueExW
AddAccessAllowedAce
AddAccessDeniedAce
AdjustTokenPrivileges
AllocateAndInitializeSid
AreAnyAccessesGranted
CheckTokenMembership
CryptSetProvParam
FreeSid
GetLengthSid
InitializeAcl
InitializeSecurityDescriptor
LsaRetrievePrivateData
OpenProcessToken
OpenThreadToken
RegCreateKeyExW
RegDeleteValueW
RegOpenKeyExA
RegQueryValueExA

msvcrt

wctomb
wcsrchr
wcsncpy
wcsncmp
towupper
towlower
swscanf
strtoul
strstr
strncmp
strncat
strcspn
strchr
sscanf
realloc
qsort
printf
memmove
memcpy
malloc
ldexp
iswupper
iswspace
iswprint
iswdigit
iswalpha
iswalnum
isspace
isprint
isleadbyte
ftell
fseek
fprintf
fgets
feof
ceil
atol
atoi
_wtol
_wstrtime
_wsetlocale
_write
_wrename
_wgetenv
_wctime
_wcsupr
_wcsnicmp
_wcslwr
_vsnwprintf
_strnicmp
_stricmp
_spawnlp
_spawnl
_snwprintf
_snprintf
_setsystime
_purecall
_popen
_onexit
_memicmp
_lseeki64
_lrotl
_itow
_ismbcsymbol
_ismbcspace
_isatty
_iob
_initterm
_heapused
_getche
_fileno
_execl
_errno
_atoi64
_amsg_exit
__pioinfo
__doserrno
__dllonexit
__badioinfo
__CxxFrameHandler
_XcptFilter
_wtmpnam

version

VerFindFileA
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueA

kernel32

ExitProcess
EnterCriticalSection
WriteProcessMemory
WriteFile
WaitNamedPipeW
WaitForSingleObjectEx
WaitForMultipleObjects
WaitCommEvent
VirtualQueryEx
VirtualProtectEx
VirtualProtect
VirtualFree
VirtualAllocEx
VirtualAlloc
UnmapViewOfFile
UnhandledExceptionFilter
TerminateThread
SwitchToFiber
SuspendThread
SleepEx
SizeofResource
SetUnhandledExceptionFilter
SetThreadContext
SetFilePointer
SetEvent
SetErrorMode
SetEnvironmentVariableA
SetCommTimeouts
SetCommState
SetCommMask
RtlUnwind
ResetEvent
ReleaseSemaphore
ReadFile
RaiseException
QueryPerformanceFrequency
QueryPerformanceCounter
PeekNamedPipe
OutputDebugStringA
OpenProcess
OpenFileMappingW
OpenEventW
MapViewOfFile
LockResource
LocalFree
LoadResource
LoadLibraryA
LeaveCriticalSection
IsBadWritePtr
IsBadCodePtr
InterlockedIncrement
InterlockedExchangeAdd
InterlockedDecrement
InterlockedCompareExchange
HeapFree
HeapDestroy
HeapAlloc
GetThreadTimes
GetThreadSelectorEntry
GetThreadPriority
GetThreadContext
GetTempPathA
GetTempFileNameW
GetTempFileNameA
GetSystemTimeAsFileTime
GetSystemInfo
GetSystemDirectoryA
GetProcessTimes
GetProcAddress
GetOverlappedResult
GetModuleHandleA
GetModuleFileNameA
GetLocalTime
GetLastError
GetFileSizeEx
GetExitCodeProcess
GetEnvironmentVariableA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCommandLineW
GetCommTimeouts
GetCommState
GetCommModemStatus
FreeLibrary
FindFirstFileA
FileTimeToSystemTime
DuplicateHandle
FileTimeToLocalFileTime
CancelIo
ClearCommError
ConnectNamedPipe
ContinueDebugEvent
CreateDirectoryW
CreateEventA
CreateFileA
CreateFileMappingA
CreateNamedPipeW
CreateRemoteThread
CreateSemaphoreA
CreateThread
DebugActiveProcess
DebugBreak
DeleteFiber
DeleteFileA
DeviceIoControl
DisableThreadLibraryCalls
FileTimeToDosDateTime

Exports

Exports

DescribeMcdPixelFormat
FBuildTempPath
GetDllMajorVersion
HrCreatePhonebookEntry
SetSystemParameter
TextureStatus

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67b52652514f1907c58f4be7017de2a3

Headers

DLL Characteristics

File Characteristics

Imports

shell32

advapi32

msvcrt

version

kernel32

Exports

Exports

Sections

.text Size: 55KB - Virtual size: 55KB

.rdata Size: 105KB - Virtual size: 104KB

.data Size: 15KB - Virtual size: 15KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 55KB - Virtual size: 55KB

.rdata
Size: 105KB - Virtual size: 104KB

.data
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 10KB - Virtual size: 9KB