2ee75edc77143361a5437858bdd77c2a902bd2ab8a31daec815bb7a598ddc79a

Sharing

Copy URL

Twitter E-mail

General

Target

2ee75edc77143361a5437858bdd77c2a902bd2ab8a31daec815bb7a598ddc79a
Size

1.0MB
MD5

cc86d16818a763c486b23b29acee9972
SHA1

6532d7616b2870028fee0e5682fc51c30add8e4a
SHA256

2ee75edc77143361a5437858bdd77c2a902bd2ab8a31daec815bb7a598ddc79a
SHA512

dc10b59b82ffb7968ed2386d751d457cd92b608da2ed2ad4514bea723c6b7da1cdac6c2de13303854836a20fa8c923f2952cc1f496eb4648597c63f914888076
SSDEEP

24576:WtuidRDGU3x4bBN45rLh0I0pf2WW1pxRPRllEpN40:Wv7Mf45x0Td2WWDrlCNn

Score

N/A

Malware Config

Signatures

Files

2ee75edc77143361a5437858bdd77c2a902bd2ab8a31daec815bb7a598ddc79a
.exe windows x86

bdafb98a72a734494a4bac9ecbe31c8a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
DosDateTimeToFileTime
HeapSize
LockFileEx
RtlUnwind
GetModuleHandleW
TerminateThread
GetCurrentProcess
GetFileType
VirtualAlloc
InterlockedIncrement
HeapCreate
HeapReAlloc
GetCommandLineW
EnumSystemCodePagesA
GetCPInfo
CompareStringA
InterlockedDecrement
GetModuleFileNameA
DeleteCriticalSection
GetModuleFileNameW
WriteFile
FreeEnvironmentStringsW
GetLocaleInfoW
VirtualFree
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetLastError
ResumeThread
GetStringTypeW
QueryPerformanceCounter
SetHandleCount
LCMapStringA
FindNextChangeNotification
IsValidLocale
SetConsoleCtrlHandler
SetVolumeLabelW
HeapAlloc
GetDateFormatA
HeapFree
LocalFree
TlsSetValue
GetCurrentProcessId
lstrcmp
GetOEMCP
UnhandledExceptionFilter
LeaveCriticalSection
GetStringTypeA
GlobalHandle
FreeLibrary
GetStartupInfoA
CompareStringW
TlsAlloc
LCMapStringW
GetPrivateProfileStructW
SystemTimeToTzSpecificLocalTime
TlsGetValue
TlsFree
SetUnhandledExceptionFilter
GetVersionExW
FindFirstFileA
IsValidCodePage
WideCharToMultiByte
Sleep
HeapValidate
GetStdHandle
GetProcAddress
GetACP
GetCurrentThread
ReadConsoleOutputW
HeapDestroy
InterlockedExchange
GetTimeFormatA
SetLastError
GetEnvironmentStringsW
VirtualQuery
SetEnvironmentVariableA
MultiByteToWideChar
SetComputerNameA
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
GetTimeZoneInformation
GetPrivateProfileStructA
TerminateProcess
EnumSystemLocalesA
GetUserDefaultLCID
lstrcpynW
GetModuleHandleA
IsDebuggerPresent
GetLocaleInfoA
GetStartupInfoW
IsBadWritePtr
ExitProcess

wininet

FtpGetFileSize
HttpSendRequestExW
FtpRemoveDirectoryW
InternetGetCertByURLA
GopherGetAttributeW
GetUrlCacheHeaderData
InternetDialW
GetUrlCacheEntryInfoA
FindNextUrlCacheEntryExW
InternetSetFilePointer
InternetSetOptionA

shell32

SHInvokePrinterCommandA
SHBrowseForFolder
SHGetDataFromIDListA
SHEmptyRecycleBinW
DuplicateIcon
ExtractAssociatedIconExA
ShellExecuteEx
SHInvokePrinterCommandW
InternalExtractIconListA
SheChangeDirExW
SHFileOperation
SHGetSpecialFolderLocation

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bdafb98a72a734494a4bac9ecbe31c8a

Headers

File Characteristics

Imports

kernel32

wininet

shell32

Sections

.text Size: 119KB - Virtual size: 118KB

.data Size: 1.2MB - Virtual size: 1.2MB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 119KB - Virtual size: 118KB

.data
Size: 1.2MB - Virtual size: 1.2MB

.rsrc
Size: 5KB - Virtual size: 4KB