e876f56c2eb8e30f5d109582a4f1528699ec8b4b7dbc865402fdca43ae75ebd5

Sharing

Copy URL Twitter E-mail

General

Target

e876f56c2eb8e30f5d109582a4f1528699ec8b4b7dbc865402fdca43ae75ebd5
Size

669KB
MD5

51e59e573c6c8d6b388bfae836ed74ae
SHA1

664d96f50a54a3262eeb443b1ad9b4630d46a7ca
SHA256

e876f56c2eb8e30f5d109582a4f1528699ec8b4b7dbc865402fdca43ae75ebd5
SHA512

9e4118a6b9ce03965d77ebe635f96cce4829157e3642fea64a5e6b47bfc1b03ea2119b2ddd2a872877fb0c44ab9fb449cdf9579700c6456053901db62795a621
SSDEEP

1536:mmWP9wGzmos9OtrxfLckwh0sgke26I8r0ZEC2aAz7YXlQsDlP8NK+DUNINaWYp9:iP9DhtlfLTIobj0ZEFvz7YXlDPlMUOW

Score

N/A

Malware Config

Signatures

Files

e876f56c2eb8e30f5d109582a4f1528699ec8b4b7dbc865402fdca43ae75ebd5
.exe windows x86

3fd598589a5872853cf484993ee91fd3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GetFullPathNameA
Process32Next
CloseHandle
GetLocaleInfoA
GetSystemDirectoryA
GetFileSizeEx
WriteProcessMemory
LoadModule
GetVersion
GetProcessHeap
FreeLibrary
ReadProcessMemory
GetQueuedCompletionStatus
GetCurrentThreadId
LoadLibraryA
EnumSystemLocalesA
ExitProcess
LocalLock
CreateToolhelp32Snapshot
CopyFileA
GetModuleFileNameA
Process32First
GetCurrentProcess
CreateProcessA
GetDriveTypeW
LoadLibraryExA
LockFile
GetModuleFileNameW
GetPrivateProfileIntA
GetVersion
GetProcessVersion
GetWindowsDirectoryA
DeleteCriticalSection
EnumResourceNamesA
FindResourceExW
GetFileTime
GetProfileStringW
GetVolumeInformationW
FreeEnvironmentStringsA
FileTimeToLocalFileTime
GetModuleHandleA
DeviceIoControl
GetProcAddress
OpenProcess
GetVolumeInformationA
CreateRemoteThread
GetSystemWindowsDirectoryA

user32

GetMessageA
FillRect
DefMDIChildProcA
GetAncestor
AppendMenuA
DrawStateW
DefWindowProcA
GetCursorPos
FindWindowExA
UpdateWindow
AppendMenuA
RegisterClassExA
GetMenuCheckMarkDimensions
DialogBoxParamA
GetDCEx
EndDeferWindowPos
EnumDisplayMonitors
DispatchMessageA
DdeQueryStringW
ExitWindowsEx
GetDlgItemInt
CreateWindowExA
BeginPaint
CreateMenu
EnumThreadWindows
GetMenuBarInfo
TranslateMessage
GetLastInputInfo
CharUpperBuffA
EnableScrollBar
GetMenuStringA
GetClipboardData
GetMenuItemID
DrawIconEx
CreateCaret
ChildWindowFromPoint
CharNextW
GetProcessDefaultLayout
ShowWindow

advapi32

RegEnumKeyW
InitializeSecurityDescriptor
RegConnectRegistryW
EnumServicesStatusW
RegDeleteValueW
RegOpenCurrentUser
SetSecurityDescriptorGroup
RegRestoreKeyA
RegQueryInfoKeyW
StartServiceW
GetTokenInformation
RegisterTraceGuidsA
RegSaveKeyA
OpenServiceW
RegSaveKeyW
GetTrusteeTypeA
GetSecurityDescriptorOwner

shell32

SHGetDataFromIDListA
SHLoadNonloadedIconOverlayIdentifiers
ShellExecuteW
SHHelpShortcuts_RunDLLA
SHHelpShortcuts_RunDLLW
SHEmptyRecycleBinW
ExtractAssociatedIconA
DragFinish
Control_RunDLLAsUserW
StrNCmpIW
SHGetNewLinkInfo
ShellExecuteExA
PrintersGetCommand_RunDLLW
SHFileOperationA
DoEnvironmentSubstA
StrCmpNIW
StrNCmpW
DllInstall
InternalExtractIconListA
DllRegisterServer
SHGetPathFromIDList
ExtractAssociatedIconExA
ShellExecuteEx

gdi32

ResizePalette
CreateRectRgnIndirect
GetROP2
CreateBitmap
PolyPolyline
EnumFontsW
GetEnhMetaFileBits
PtInRegion
EnumFontFamiliesW
EndDoc
OffsetViewportOrgEx

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 448KB - Virtual size: 448KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 4KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3fd598589a5872853cf484993ee91fd3

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

gdi32

Sections

.text Size: 120KB - Virtual size: 120KB

.data Size: 448KB - Virtual size: 448KB

.idata Size: 88KB - Virtual size: 88KB

.rdata Size: 4KB - Virtual size: 4KB

.aspack Size: 4KB - Virtual size: 4KB

.adata Size: 4KB - Virtual size: 100KB

.text
Size: 120KB - Virtual size: 120KB

.data
Size: 448KB - Virtual size: 448KB

.idata
Size: 88KB - Virtual size: 88KB

.rdata
Size: 4KB - Virtual size: 4KB

.aspack
Size: 4KB - Virtual size: 4KB

.adata
Size: 4KB - Virtual size: 100KB