ea2707a7157b91674db71393f5eda6f72c4fa6fdf83aef81494dde02950d9b13

General

Target

ea2707a7157b91674db71393f5eda6f72c4fa6fdf83aef81494dde02950d9b13
Size

95KB
MD5

b8901e46f87bd9c0cf1392129d4ce00c
SHA1

3094f6e244c873f3cf8844fb94192271714d001d
SHA256

ea2707a7157b91674db71393f5eda6f72c4fa6fdf83aef81494dde02950d9b13
SHA512

b3b964631d5cef64a00cb6ef0c7dce95d0340fb16fd81e1d2cba582613f1eaddfb5eb1b139212052393a41e76d2a94daeaf2e7d0cf5a461327d4c10697f382ef
SSDEEP

1536:4piHCH6FOX4qM6evs/VdcvSGYQPZpafpLXn4T0w3QEuojPEkZb:4YiagXp0SGVZpapXn4wwZuojEab

Score

N/A

Malware Config

Signatures

Files

ea2707a7157b91674db71393f5eda6f72c4fa6fdf83aef81494dde02950d9b13
.dll windows x86

b68f862d79f7539f6d9981483a0a8f0e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
lstrcmpiW
GetCurrentProcess
HeapDestroy
lstrcpynW
GetModuleFileNameW
lstrcatW
FreeLibrary
lstrlenA
SizeofResource
LoadResource
FindResourceW
lstrlenW
Sleep
InterlockedCompareExchange
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FindClose
GetModuleHandleW
DisableThreadLibraryCalls
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
InterlockedIncrement
GetTickCount
FindFirstFileW
GetDriveTypeW
GetCommandLineA
InterlockedExchange
VirtualProtect
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
RtlUnwind
GetVersion
ExitProcess
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapCreate
VirtualFree
HeapFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
HeapAlloc
VirtualAlloc
HeapReAlloc
GetCPInfo
GetStringTypeW

user32

CharNextW
LoadStringW
MessageBoxW

advapi32

RegCloseKey
RegDeleteKeyW
RegQueryInfoKeyW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b68f862d79f7539f6d9981483a0a8f0e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 66KB - Virtual size: 65KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 44KB

.rsrc Size: 11KB - Virtual size: 10KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 66KB - Virtual size: 65KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 44KB

.rsrc
Size: 11KB - Virtual size: 10KB

.reloc
Size: 2KB - Virtual size: 2KB