ed2a48442364b7e099cc5e43f5b2550b7ee868add1e90a2bf4b251d6bd8f0e5a

Sharing

Copy URL Twitter E-mail

General

Target

ed2a48442364b7e099cc5e43f5b2550b7ee868add1e90a2bf4b251d6bd8f0e5a
Size

173KB
MD5

0635e5c7b912dc810c78db907460fdad
SHA1

2f6553b87db306a866678ec6651c150b15dfe066
SHA256

ed2a48442364b7e099cc5e43f5b2550b7ee868add1e90a2bf4b251d6bd8f0e5a
SHA512

cb8cb56e16556fac4ac62b280d4a487400df5ddf8cab4f1ce4915c73b4214daccff373209bc06b75abf5cf070d68d7187383369e91999f3cc5cb299b510f1ab0
SSDEEP

3072:9Lwgzgg7Cva35FLUslJYrsfBf0jcMTyq+EfBq:9Lpz7CvvAKsfx0jcbqj

Score

N/A

Malware Config

Signatures

Files

ed2a48442364b7e099cc5e43f5b2550b7ee868add1e90a2bf4b251d6bd8f0e5a
.exe windows x86

30d642bfd0e989d635d722e24296fa9b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsUNCW
SHRegGetValueW
StrDupW
PathSkipRootW
PathGetArgsW
PathFindFileNameW

advapi32

RegOpenKeyExW
EncryptFileW
RegSetValueExW
RegCreateKeyExW
RegEnumValueW
DecryptFileW
RegQueryValueExW
RegEnumKeyW
RegQueryInfoKeyW
RegCloseKey

gdiplus

GdipGetImageWidth
GdipDisposeImage

user32

GetClassNameW
GetPropW
AllowSetForegroundWindow
GetGUIThreadInfo
GetWindowThreadProcessId
GetForegroundWindow

ole32

CoGetDefaultContext
StringFromGUID2
CoTaskMemAlloc
CoInitialize
CoUninitialize
CoTaskMemFree

kernel32

FindClose
GetModuleHandleW
FindFirstFileW
LocalFree
GetCalendarInfoW
SetFileAttributesW
InterlockedExchange
ExitProcess
UnmapViewOfFile
Sleep
lstrlenW
LoadLibraryW
GetFileAttributesW
GetCurrentDirectoryW
VirtualProtect
CreateFileMappingW
FindNextFileW
QueryPerformanceCounter
GetProcAddress
lstrcmpiW
OpenProcess
SetUnhandledExceptionFilter
EncodePointer
SetLastError
MultiByteToWideChar
CreateDirectoryW
SetEnvironmentVariableW
FreeLibrary
EnumResourceNamesA
VirtualQuery
GetProcessId
GetModuleFileNameW
GetCurrentThreadId
ReleaseMutex
UnhandledExceptionFilter
QueryDosDeviceW
GetCurrentProcess
DuplicateHandle
EnterCriticalSection
MapViewOfFile
WideCharToMultiByte
GetFileSizeEx
GetTickCount
IsWow64Process
LocalAlloc
InitializeCriticalSection
GetFileInformationByHandle
WaitForSingleObject
OutputDebugStringW
SearchPathW
GetLogicalDriveStringsW
OutputDebugStringA
GetSystemTimeAsFileTime
InterlockedCompareExchange
GetLastError
GetModuleHandleA
CreateMutexW

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30d642bfd0e989d635d722e24296fa9b

Headers

File Characteristics

Imports

shlwapi

advapi32

gdiplus

user32

ole32

kernel32

Sections

.text Size: 96KB - Virtual size: 96KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 71KB - Virtual size: 71KB

.edata Size: 1024B - Virtual size: 96KB

.text
Size: 96KB - Virtual size: 96KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 71KB - Virtual size: 71KB

.edata
Size: 1024B - Virtual size: 96KB