e27c22dc7350cc7c228b9c3a393ebb930242c40179e00b51de7f20480932dbef

Sharing

Copy URL Twitter E-mail

General

Target

e27c22dc7350cc7c228b9c3a393ebb930242c40179e00b51de7f20480932dbef
Size

164KB
MD5

48ea97dd30b2e2beb293a85608f741fb
SHA1

a981a33f86e99a9fc0ce01abb974fc8c96afde98
SHA256

e27c22dc7350cc7c228b9c3a393ebb930242c40179e00b51de7f20480932dbef
SHA512

442226cdd85f939c64e2d8f472609527c0e93fd24c558dd0bd56c8d249cf14d80f1521f4bcf7fe6af42f5b858226fddf42860a40fc611537d7acd06129a0754f
SSDEEP

3072:sGxWFI8Jyww0scsBqQgxowIufB967R6/a4T7KimpD+qZ7N3IVmAMrOG9:4P4XxcsJ2owIujoR6CimvZxoMyO

Score

N/A

Malware Config

Signatures

Files

e27c22dc7350cc7c228b9c3a393ebb930242c40179e00b51de7f20480932dbef
.dll windows x86

8a298cc6844f8e63058755a0058e1dba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType
MessageBoxA

kernel32

GetACP
LoadLibraryA
VirtualProtect
GetModuleFileNameA
ExitProcess

gdi32

SelectObject

shell32

ShellExecuteExA

urlmon

URLDownloadToFileA

wininet

InternetReadFile

ws2_32

WSAWaitForMultipleEvents

wsock32

TransmitFile

ntdll

NtQuerySystemInformation

avicap32

capGetDriverDescriptionA

imagehlp

MakeSureDirectoryPathExists

powrprof

CallNtPowerInformation

winmm

waveInUnprepareHeader

msvfw32

ICCompressorFree

Exports

Exports

ServiceMain

Sections

.text
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: - Virtual size: 572B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 3.0MB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp1
Size: - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

.vmp2
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a298cc6844f8e63058755a0058e1dba

Headers

File Characteristics

Imports

oleaut32

advapi32

user32

kernel32

gdi32

shell32

urlmon

wininet

ws2_32

wsock32

ntdll

avicap32

imagehlp

powrprof

winmm

msvfw32

Exports

Exports

Sections

.text Size: - Virtual size: 108KB

.itext Size: - Virtual size: 572B

.data Size: - Virtual size: 3KB

.bss Size: - Virtual size: 3.0MB

.idata Size: - Virtual size: 7KB

.edata Size: - Virtual size: 88B

.vmp0 Size: - Virtual size: 6KB

.rsrc Size: 2KB - Virtual size: 5KB

.vmp1 Size: - Virtual size: 37KB

.vmp2 Size: 161KB - Virtual size: 160KB

.reloc Size: 512B - Virtual size: 228B

.text
Size: - Virtual size: 108KB

.itext
Size: - Virtual size: 572B

.data
Size: - Virtual size: 3KB

.bss
Size: - Virtual size: 3.0MB

.idata
Size: - Virtual size: 7KB

.edata
Size: - Virtual size: 88B

.vmp0
Size: - Virtual size: 6KB

.rsrc
Size: 2KB - Virtual size: 5KB

.vmp1
Size: - Virtual size: 37KB

.vmp2
Size: 161KB - Virtual size: 160KB

.reloc
Size: 512B - Virtual size: 228B