ee16602b75bd4dea17cef86c59e7bdf709d924d3da79fa64a83169445a499f3b

Sharing

Copy URL

Twitter E-mail

General

Target

ee16602b75bd4dea17cef86c59e7bdf709d924d3da79fa64a83169445a499f3b
Size

687KB
MD5

86e1269b891706763c9981ea6e974b8d
SHA1

775540c70cfdb5973378b1d4d244ca4af6f2278a
SHA256

ee16602b75bd4dea17cef86c59e7bdf709d924d3da79fa64a83169445a499f3b
SHA512

2fb53d1f7b7e2f08af5646ed26b3fb71fd6d6cc7a813107db39dcbc81bdbec034371d3d8e86122fc96efa9f02cf5811e81df9f980c0e1bd3db884cd850807f5a
SSDEEP

12288:GvsEi+KOxRu5/k3ngKWwsmYtVra0yEygXcl99+L5xHglGHIgxQ:spO84mi1IiSGHIX

Score

N/A

Malware Config

Signatures

Files

ee16602b75bd4dea17cef86c59e7bdf709d924d3da79fa64a83169445a499f3b
.exe windows x86

b11812bb98b1cc455860a297c7647be6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetLastError
GetCurrentProcessId
GetCurrentProcess
LeaveCriticalSection
CloseHandle
LoadLibraryW
HeapAlloc
QueryPerformanceCounter
QueryPerformanceCounter
InterlockedExchange
GetProcAddress
HeapFree
Sleep
GetSystemTimeAsFileTime
MultiByteToWideChar
GetLastError
GetModuleFileNameA
GetProcessHeap
VirtualProtect
VirtualAlloc
DisableThreadLibraryCalls
DeleteCriticalSection
LocalFree
GetModuleHandleW
InterlockedExchange
SetLastError
GetLastError
InterlockedDecrement
GetModuleHandleA
GetTickCount
LoadLibraryW
GetProcessHeap
LeaveCriticalSection
LoadLibraryA
CreateEventW
HeapAlloc
InterlockedDecrement
InterlockedExchange
GetLastError
VirtualAlloc
LoadLibraryA
QueryPerformanceCounter
VirtualAlloc
CloseHandle
HeapDestroy
HeapFree
HeapDestroy
GetCurrentThreadId
LoadLibraryA
Sleep
GetProcAddress
InterlockedExchange
GetProcAddress
HeapFree
SetLastError
FreeLibrary
GetTickCount
HeapDestroy
InterlockedIncrement
SetLastError
CloseHandle
CloseHandle
HeapAlloc
DisableThreadLibraryCalls
InterlockedDecrement
Sleep
InitializeCriticalSection
InitializeCriticalSection
GetTickCount

user32

SetWindowLongW
DispatchMessageW
CreateWindowExW
MessageBoxW
SetTimer
MessageBoxW
KillTimer
SetCursor
IsWindow
LoadIconW
SendDlgItemMessageW
GetClientRect
GetWindowRect
DialogBoxParamW
GetClientRect
wsprintfA
DestroyWindow
GetWindowRect
GetDesktopWindow
SetCursor
BeginPaint
DialogBoxParamW
GetDlgItem
DefWindowProcW
PeekMessageW
DispatchMessageW
TranslateMessage
EnableWindow
SetForegroundWindow
InvalidateRect
TranslateMessage
GetWindowRect
CreateWindowExW
PeekMessageW
SetWindowTextW
SetFocus
DispatchMessageW
ShowWindow
GetDesktopWindow
GetSystemMetrics
PeekMessageW
SetForegroundWindow
PostMessageW
GetWindowLongW
CharNextW
GetDesktopWindow
SetForegroundWindow
MessageBoxW
BeginPaint
ShowWindow
GetSysColor
SetTimer
GetClientRect
DefWindowProcW
KillTimer
SetCursor
CharNextW
BeginPaint
SetWindowPos
GetParent
GetFocus
LoadIconW
ShowWindow
EndDialog
DispatchMessageW
KillTimer
LoadCursorW

Sections

.text
Size: 601KB - Virtual size: 976KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 82KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b11812bb98b1cc455860a297c7647be6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 601KB - Virtual size: 976KB

.rdata Size: 3KB - Virtual size: 4KB

.rsrc Size: 82KB - Virtual size: 84KB

.text
Size: 601KB - Virtual size: 976KB

.rdata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 82KB - Virtual size: 84KB