ee5b16598e38db4e12ba270f0387c909b183cb64545b55ee977ca0c725e17367

Sharing

Copy URL

Twitter E-mail

General

Target

ee5b16598e38db4e12ba270f0387c909b183cb64545b55ee977ca0c725e17367
Size

293KB
MD5

5bc6f8b98a894f15496db3e26ca5699e
SHA1

dc5d8b0422269b1653204830495b4ee215d931e2
SHA256

ee5b16598e38db4e12ba270f0387c909b183cb64545b55ee977ca0c725e17367
SHA512

219af23dad9915e683b13250c477653d3dfc285278da441ff73095ec914358cab2c97e4482e03215161bf6dfa888987c9f8a5ae0f8df905bed232bbb2179412a
SSDEEP

6144:GTUBzw2l1QO/qN5eOHMY6k5hvhHbFfU4UTrbEi2:Zdta2yRp5dhGdT9

Score

N/A

Malware Config

Signatures

Files

ee5b16598e38db4e12ba270f0387c909b183cb64545b55ee977ca0c725e17367
.exe windows x86

a556f49574a7ce977cd4908b4e1271d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
HeapSize
lstrlenW
FormatMessageW
GetACP
HeapFree
SetThreadLocale
EnterCriticalSection
DeleteCriticalSection
UnhandledExceptionFilter
CloseHandle
RaiseException
HeapReAlloc
LeaveCriticalSection
GetSystemTimeAsFileTime
lstrlenA
IsDebuggerPresent
GetProcessHeap
HeapDestroy
GetCurrentThreadId
HeapAlloc
GetThreadLocale
GetFullPathNameA
VirtualAlloc

shell32

SHGetFolderPathW

oleaut32

VariantCopy
SafeArrayCopy
SafeArrayRedim
VariantClear
SafeArrayGetLBound
SysAllocString
LoadTypeLi
SysStringByteLen
SystemTimeToVariantTime
SysAllocStringByteLen
SafeArrayCreate
VariantCopyInd
VariantTimeToSystemTime
SafeArrayGetUBound
SafeArrayUnlock
SafeArrayGetVartype
SafeArrayLock
LoadRegTypeLi
VariantChangeType
SafeArrayDestroy
GetErrorInfo
SysStringLen
VariantInit
SysFreeString

userenv

UnloadUserProfile

advapi32

CopySid
GetTokenInformation
GetLengthSid
ReportEventW
OpenThreadToken
OpenProcessToken
EqualSid
RegisterEventSourceW
DeregisterEventSource
IsValidSid

user32

UnregisterClassA

ole32

CLSIDFromProgID
CoCreateInstance
CoImpersonateClient
CoRevertToSelf

shlwapi

PathAppendW

iphlpapi

GetTcpTable
GetUdpTable
SetAdapterIpAddress
DisableMediaSense
GetFriendlyIfIndex
DeleteIPAddress
SetIpNetEntry
InternalDeleteIpNetEntry
GetAdapterOrderMap
GetUdpStatistics

dmocx

DllGetClassObject
DllUnregisterServer
DllCanUnloadNow

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 269KB - Virtual size: 652KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a556f49574a7ce977cd4908b4e1271d1

Headers

File Characteristics

Imports

kernel32

shell32

oleaut32

userenv

advapi32

user32

ole32

shlwapi

iphlpapi

dmocx

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 269KB - Virtual size: 652KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 269KB - Virtual size: 652KB

.rsrc
Size: 512B - Virtual size: 4KB