e135ad5f1d33595159a328fff554f227c75beb023629598ac0ee737ae3280432

Sharing

Copy URL Twitter E-mail

General

Target

e135ad5f1d33595159a328fff554f227c75beb023629598ac0ee737ae3280432
Size

236KB
MD5

d78647050930df85cea24f39b425b15c
SHA1

453c45c2092e3295d8fe238ebad929330a77d747
SHA256

e135ad5f1d33595159a328fff554f227c75beb023629598ac0ee737ae3280432
SHA512

a94fcec01fe12bfbda76c1315f6f72f199c5f1565c51d665d1cb0638f5568bb6abc0a6d5726eebe7cdc0bc7666fe73288b712b44ee85a125fd36714f6714e18a
SSDEEP

6144:hXqvNsxfe78RH2BXZMsFQx69pdTVw0rSli:R/xfF2lfFQx6XdhzWQ

Score

N/A

Malware Config

Signatures

Files

e135ad5f1d33595159a328fff554f227c75beb023629598ac0ee737ae3280432
.exe windows x86

522997c4788eb65b5b6e497a3b5a3666

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

MoveToEx
SetPixel
StretchBlt
CreateRectRgn
StartDocW
EndDoc
SelectClipRgn
CreatePen

kernel32

LoadLibraryA
GetModuleHandleA
GetProcAddress
OpenThread
WaitForSingleObject
lstrcatA
GlobalFree
GetSystemTimes
HeapAlloc
HeapFree
HeapReAlloc
GetCommandLineW
CloseHandle
SetThreadPriority
GetCurrentThreadId
GlobalAlloc
GetThreadPriority

ntdll

NtCreateSection
NtMapViewOfSection
ZwWriteFile
ZwOpenProcess
ZwCreateProcess

ipsmbase

ForEachColl
_CIlog
CopyBytes
_CIsqrt
GetMem1
LeftTrimBstr
SetObj
Dup
SYD
FileSeek
CyErr
WeekdayName
BASIC_DISPINTERFACE_GetTICount
TstNe
SetContextWorkerThread
ErrI4
CyMul
MakeDir
FormatDateTime
RightTrim
CyFix
RandomNext
Get4
LenBstr
PV
OnError
LateMemNamedCallSt
CVErrFrom
_CIatan
FpCmpCy
LateMemCallLdRf
Not
ExceptHandler
UpperCase
PutMem
GetCurrentCalendar
GetErl
BstrFromFormat
UI1Str
IndexLoad
StrMove
CmpEq
Atn
DateR8
GetMinuteOfHour
Set
GetErrorInfo
FileCloseAll
GetMem2
Erase
GetFxStr3
I4Sgn
TextCmpGe
PutMemEvent
LenB
HexFrom
OctBstrFrom
SetDateBstr
I2
LateMemStAd
DateFrom
CySub
ForNext
TstGe
MIRR
CyStr
GetTime
TextCmpNe
Randomize
GetSecondOfMinute
IsNumeric
Filter
FailedFriend
MidStmt
End
ChangeDrive
R8ValFromBstr
SetDate
FormatPercent
TextTstLe
NextEachColl
Imp
DatePart
ErrObj
Choose
StringBstr
BoolStr
IsMissing
LsetFixstr
StrToUnicode
Right
DerefAry
EraseKeepData
Resume
TrimBstr

user32

AppendMenuA
GetKeyState
TranslateMDISysAccel
ScrollWindow
RedrawWindow
HideCaret
CharUpperA
GetDlgItem
DefWindowProcA
CharNextW
DrawIconEx
CharNextA
InvalidateRect
OemToCharBuffA
ShowScrollBar
EndDialog
GetCursorPos
IsClipboardFormatAvailable
GetWindowDC
GetKeyboardState
GetScrollPos
DrawTextW
RegisterClipboardFormatA
GetCursorPos
ExitWindowsEx
CharToOemA

Sections

.text
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

522997c4788eb65b5b6e497a3b5a3666

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

ntdll

ipsmbase

user32

Sections

.text Size: 204KB - Virtual size: 204KB

.data Size: 13KB - Virtual size: 13KB

.rsrc Size: 17KB - Virtual size: 20KB

.text
Size: 204KB - Virtual size: 204KB

.data
Size: 13KB - Virtual size: 13KB

.rsrc
Size: 17KB - Virtual size: 20KB