a2aab97ee2884aa6e02b7b7da81dc20fb47e5f3ce1278651214d12f22a2a05fe

Sharing

Copy URL Twitter E-mail

General

Target

a2aab97ee2884aa6e02b7b7da81dc20fb47e5f3ce1278651214d12f22a2a05fe
Size

1.1MB
MD5

eccd1ac6669bbca9d73bd92df102e1c0
SHA1

009f267a5d28031cfa70cf81a5e2200587e44569
SHA256

a2aab97ee2884aa6e02b7b7da81dc20fb47e5f3ce1278651214d12f22a2a05fe
SHA512

a06c872d71429f6ef64846ed28cdfb56bf1c754bab04f709cfa185bb784ca19fefd77a9a280486443f8593dd0658d767298b9ad1a5018a597ccd6619fb3e5967
SSDEEP

24576:PUx8DOj5QT4o64z/Cw0rS6cALa3Ul6JnO15C8lmR8FtdoWe:PPCw0WKj8JgXka/oWe

Score

N/A

Malware Config

Signatures

Files

a2aab97ee2884aa6e02b7b7da81dc20fb47e5f3ce1278651214d12f22a2a05fe
.exe windows x86

50014a993e0f705f3e824c0617e39ea4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateGuid

kernel32

LocalSize
RtlMoveMemory
GetCurrentThreadId
CreateFileMappingA
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
CloseHandle
GetProcessHeap
SetHandleCount
LoadLibraryA
GetModuleFileNameA
SetFileTime
CreateFileA
SystemTimeToFileTime
CreatePipe
CreateProcessA
PeekNamedPipe
ReadFile
GetExitCodeProcess
GetEnvironmentVariableA
CreateWaitableTimerA
SetWaitableTimer
Sleep
CreateIoCompletionPort
GetQueuedCompletionStatus
InitializeCriticalSection
VirtualFree
VirtualAlloc
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
GetLocalTime
WriteFile
FreeLibrary
GetProcAddress
LCMapStringA
GetModuleHandleW
FlushFileBuffers
SetStdHandle
LCMapStringW
IsBadCodePtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
InterlockedIncrement
InterlockedDecrement
SetFilePointer
GetOEMCP
GetACP
GetCPInfo
IsBadWritePtr
RaiseException
HeapCreate
HeapDestroy
GetVersionExA
GetLastError
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetFileType
GetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
GetVersion
GetCommandLineA
GetStartupInfoA
MultiByteToWideChar

user32

TranslateMessage
DispatchMessageA
PeekMessageA
GetMessageA
wsprintfA
MessageBoxA
IsWindowVisible
IsWindowEnabled
EnableWindow
ReleaseCapture
SetCapture
GetCapture
TrackMouseEvent
CallWindowProcW
MsgWaitForMultipleObjects
WaitForInputIdle
ClientToScreen
GetClientRect
ScreenToClient
GetWindowRect
SetWindowPos
GetMonitorInfoA
EnumDisplaySettingsA
ReleaseDC
GetDC
SetLayeredWindowAttributes
GetClassNameA
GetAncestor
GetParent
DefWindowProcW
EndPaint
FillRect
BeginPaint
GetWindowThreadProcessId
SetFocus
SetForegroundWindow
BringWindowToTop
AttachThreadInput
IsZoomed
IsIconic
ShowWindow
SetWindowLongW
GetWindowLongW
DestroyIcon
CreateIconFromResource
RegisterClassExW
LoadCursorW
CreateWindowExW
GetSysColor
MoveWindow

gdi32

DeleteObject
GetDeviceCaps
CreateSolidBrush

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation

imagehlp

MakeSureDirectoryPathExists

shlwapi

PathFindFileNameA

Sections

.text
Size: 136KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 888KB - Virtual size: 941KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

50014a993e0f705f3e824c0617e39ea4

Headers

File Characteristics

Imports

ole32

kernel32

user32

gdi32

shell32

imagehlp

shlwapi

Sections

.text Size: 136KB - Virtual size: 133KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 888KB - Virtual size: 941KB

.rsrc Size: 68KB - Virtual size: 66KB

.text
Size: 136KB - Virtual size: 133KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 888KB - Virtual size: 941KB

.rsrc
Size: 68KB - Virtual size: 66KB