8ee26b5e06ed27ca1ad570a207583e4c8fac237ac9c702255fe1d6a7c8d7ac7d

Sharing

Copy URL Twitter E-mail

General

Target

8ee26b5e06ed27ca1ad570a207583e4c8fac237ac9c702255fe1d6a7c8d7ac7d
Size

188KB
MD5

0d5e2f760f195182566dd755d3430767
SHA1

f2eb68f5e3feaaa4a808f652a9d405c298258a2a
SHA256

8ee26b5e06ed27ca1ad570a207583e4c8fac237ac9c702255fe1d6a7c8d7ac7d
SHA512

ce054bce9c8a21c627a9aa6d81649d6d8161f235da5afece1fcf5747a0bb037b8e64ebf469a42e89a7203c84fc112c51c3877f1d29e6fe62a918d323c1d1e323
SSDEEP

3072:6OEumlkc/n0zkH5I2c6MjBho8irInuqXEWah3yYiEQS3N/PK6vxKBKYs9tW5JKs6:6fGtzkM59hotrInbkC+/PKKx+KYsHW5

Score

N/A

Malware Config

Signatures

Files

8ee26b5e06ed27ca1ad570a207583e4c8fac237ac9c702255fe1d6a7c8d7ac7d
.dll windows x86

32ef50265544f09f6dfd50cbe8727c1f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
CreateFileA
GetFileSize
CloseHandle
CreateFileMappingA
MapViewOfFile
MoveFileA
DeleteFileA
GetDiskFreeSpaceA
ReadFile
FindFirstFileA
FindNextFileA
FindClose
UnmapViewOfFile
GetWindowsDirectoryA
FreeLibrary
CompareStringA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
VirtualLock
VirtualFree
VirtualProtect
CreateEventA
SetEvent
WaitForSingleObject
GetLastError
GetFileAttributesA
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetCurrentThreadId
GetCommandLineA
GetVersionExA
RtlUnwind
RaiseException
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
IsBadWritePtr
WriteFile
ExitProcess
GetModuleHandleA
TerminateProcess
GetCurrentProcess
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedExchange
VirtualQuery
SetStdHandle
FlushFileBuffers
GetACP
GetOEMCP
LoadLibraryA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoA
GetStringTypeA
IsBadReadPtr
IsBadCodePtr
SetEndOfFile
LCMapStringA
GetSystemInfo
GetSystemDirectoryA

shlwapi

PathCombineA
PathStripToRootA

Exports

Exports

_CreateFileSystem@8

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

32ef50265544f09f6dfd50cbe8727c1f

Headers

File Characteristics

Imports

kernel32

shlwapi

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 100KB - Virtual size: 98KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 100KB - Virtual size: 98KB

.reloc
Size: 8KB - Virtual size: 7KB