eb196d8c6d46cd7e7a943c82e8682048020ce7837e98745c57d47883aa463087

General

Target

eb196d8c6d46cd7e7a943c82e8682048020ce7837e98745c57d47883aa463087
Size

315KB
MD5

1c1fb00ddff492c69eaa7978aa6ffed1
SHA1

d4dfc6d3282a33de1b5453a27da79bbcd5207594
SHA256

eb196d8c6d46cd7e7a943c82e8682048020ce7837e98745c57d47883aa463087
SHA512

866900fc5b10f67834ba65178c55abdc3faa4764741455666bddf866f4aab1bc1a107192e423b9cd996693aca3ec07b9882db90c2767a508dca77e4f42ee4b5a
SSDEEP

6144:Sf3gfr02CW/hClMVPS2kVWgA+tcOHdbBV11w1tzfh0lIfH+udu:Sf6Q2CCY0GhtXOb3u

Score

N/A

Malware Config

Signatures

Files

eb196d8c6d46cd7e7a943c82e8682048020ce7837e98745c57d47883aa463087
.exe windows x86

399913f655493544768b476e32e9b12f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
FreeLibrary
InterlockedIncrement
TlsFree
LocalFree
LocalAlloc
InterlockedDecrement
FreeLibraryAndExitThread
DeleteCriticalSection
lstrcpynW
LoadResource
lstrlenW
LoadLibraryW
GetProcAddress
CloseHandle
GetCurrentProcess
GetCurrentThread
LockResource
GetModuleHandleA
CompareStringW
WaitForMultipleObjects
lstrcpyW
FormatMessageW
GetPrivateProfileIntW
GlobalFree
GlobalAlloc
VirtualProtect
GetCommandLineA
FindResourceW
GetStartupInfoA

user32

MessageBoxW
SetCursor
wsprintfW
RegisterClipboardFormatW
LoadStringW
LoadCursorW

advapi32

OpenProcessToken
EqualSid
SetThreadToken
RegQueryValueExW
RegCloseKey
OpenThreadToken
AdjustTokenPrivileges
DuplicateTokenEx
RegOpenKeyExW

ole32

ReleaseStgMedium
CoCreateInstance
CLSIDFromString

msvcr71

_controlfp
_onexit
__dllonexit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_except_handler3
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
exit
_acmdln
_amsg_exit
__getmainargs
_initterm

Sections

.text
Size: 306KB - Virtual size: 305KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

399913f655493544768b476e32e9b12f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcr71

Sections

.text Size: 306KB - Virtual size: 305KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 295KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 306KB - Virtual size: 305KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 295KB

.rsrc
Size: 1KB - Virtual size: 1KB