ec1c3729aba06c782e11eb10a106dcc071ff54052c58cf8dbb9fe3a2bd142790

Sharing

Copy URL Twitter E-mail

General

Target

ec1c3729aba06c782e11eb10a106dcc071ff54052c58cf8dbb9fe3a2bd142790
Size

764KB
MD5

457ea944d573fbf87c384e0b0bd9c60a
SHA1

f3f2e3df55de57225b807daaff6d7266d155d64c
SHA256

ec1c3729aba06c782e11eb10a106dcc071ff54052c58cf8dbb9fe3a2bd142790
SHA512

f52440b7dcfafb05fe54b42ef50a7f8c7c1f30123294dd34b9c00d221ba2430c6854fe6cecb73ffd9ae8f442755fc5dfd997d8a7a66f78f91f50f58e33088034
SSDEEP

12288:gXKDaGmCEOfNoveF1/S+yBYegMz/W4v6NYGE6nrA88eSA3Nha7B:gXKDacfNomrTyB3gMzqaGEELT336N

Score

N/A

Malware Config

Signatures

Files

ec1c3729aba06c782e11eb10a106dcc071ff54052c58cf8dbb9fe3a2bd142790
.exe windows x86

ee1fa2607e896f553f7d8f36398852a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

GetFileAttributesA
GetProcAddress
LoadLibraryA
FreeResource
SizeofResource
LoadResource
FindResourceA
ReadFile
SetEndOfFile
GetLocaleInfoW
HeapSize
IsValidLocale
EnumSystemLocalesA
DeleteFileA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetFilePointer
FlushFileBuffers
SetStdHandle
InterlockedExchange
FreeLibrary
RemoveDirectoryA
CreateDirectoryA
GetModuleFileNameA
GetSystemDirectoryA
CopyFileA
GetTempFileNameA
LockResource
MoveFileExA
GetTimeZoneInformation
CompareStringA
CompareStringW
GetLocaleInfoA
VirtualAlloc
GetLastError
HeapFree
HeapAlloc
MoveFileA
GetCommandLineA
GetVersionExA
GetProcessHeap
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
SetEnvironmentVariableA
HeapReAlloc
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
CloseHandle
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
RtlUnwind
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCurrentThread
LCMapStringA
MultiByteToWideChar
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSection
Sleep
SetConsoleCtrlHandler

user32

LoadCursorA
RegisterClassExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
MessageBoxA
PostQuitMessage
LoadIconA
SetClassLongA
LoadImageA
CreateWindowExA
SendMessageA
BeginPaint
GetClientRect
MoveWindow
DrawTextA
EndPaint
DefWindowProcA

gdi32

CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetStockObject

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegDeleteKeyA

Sections

.text
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 616KB - Virtual size: 613KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee1fa2607e896f553f7d8f36398852a5

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

Sections

.text Size: 116KB - Virtual size: 113KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 12KB - Virtual size: 15KB

.rsrc Size: 616KB - Virtual size: 613KB

.text
Size: 116KB - Virtual size: 113KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 616KB - Virtual size: 613KB