eae0993cea748aea44235b9162acbb3aa3476f86c755c4977b03db4d3a0c1bae

Sharing

Copy URL Twitter E-mail

General

Target

eae0993cea748aea44235b9162acbb3aa3476f86c755c4977b03db4d3a0c1bae
Size

228KB
MD5

13d4a7d880db73ed4acc485088705c7d
SHA1

225791d179c06ba6826655cb6c9e9234a526f83a
SHA256

eae0993cea748aea44235b9162acbb3aa3476f86c755c4977b03db4d3a0c1bae
SHA512

660dee5a42ca4b6e53f7ee35f990962d3985e5633bfecbdfd04eb11fe7a8c8882208225f121bc232023d501a514c2eaf1f9365cb0f5ca900eb022feaa3258123
SSDEEP

3072:9GmNzp7M7d+IlnREWXZVeYRzg4G2raO45zApHBk:MmNp7aMITreQzw2FmEHq

Score

N/A

Malware Config

Signatures

Files

eae0993cea748aea44235b9162acbb3aa3476f86c755c4977b03db4d3a0c1bae
.exe windows x86

31a88fa9e9a72a955f05ff95758acfbe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
OpenProcess
MoveFileA
DeleteFileA
GetModuleFileNameA
GetCommandLineA
Sleep
GetLocalTime
MultiByteToWideChar
GetTickCount
GetCurrentThreadId
lstrlenW
lstrcmpiA
WideCharToMultiByte
RaiseException
FlushInstructionCache
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcmpA
MulDiv
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
DeleteCriticalSection
SetEvent
InterlockedDecrement
InitializeCriticalSection
IsProcessorFeaturePresent
InterlockedCompareExchange
ReadFile
GetProcessHeap
SetEndOfFile
LoadLibraryA
GetTempPathA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
InitializeCriticalSectionAndSpinCount
CreateFileA
SetFilePointer
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
GetStdHandle
VirtualFree
HeapCreate
ExitProcess
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetConsoleMode
GetConsoleCP
WriteFile
GetStartupInfoA
HeapFree
CreateDirectoryA
RemoveDirectoryA
CreateMutexA
ExpandEnvironmentStringsA
lstrcpyA
lstrcatA
lstrlenA
GetFileAttributesExA
GetModuleHandleA
DuplicateHandle
GetCurrentProcess
GetExitCodeProcess
GetProcAddress
CreateRemoteThread
GetLastError
CloseHandle
SetLastError
WaitForSingleObject
CreateThread
RtlUnwind
ExitThread
HeapAlloc
HeapReAlloc
VirtualQuery
GetSystemInfo
GetModuleHandleW
VirtualAlloc
VirtualProtect
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
ResumeThread

user32

SetLayeredWindowAttributes
SetWindowPos
MessageBoxA
wsprintfA
LoadBitmapA
FillRect
IsWindowVisible
BringWindowToTop
PeekMessageA
TranslateMessage
DispatchMessageA
SetWindowLongA
ClientToScreen
MoveWindow
IsWindow
GetWindowRect
GetFocus
WindowFromPoint
GetForegroundWindow
GetCursorPos
GetWindowThreadProcessId
AttachThreadInput
FindWindowExA
DefWindowProcA
ShowWindow
GetWindowLongA
PostThreadMessageA
DestroyWindow
GetDlgItem
InvalidateRgn
InvalidateRect
SetCapture
ReleaseCapture
ScreenToClient
CreateAcceleratorTableA
GetDC
GetDesktopWindow
ReleaseDC
CharNextA
GetParent
GetClassNameA
RedrawWindow
IsChild
SetFocus
GetWindow
GetSysColor
DestroyAcceleratorTable
SendMessageA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
CallWindowProcA
EndPaint
BeginPaint
GetClientRect
CreateWindowExA
UnregisterClassA

gdi32

CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
GetStockObject
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetObjectA
GetDeviceCaps

advapi32

RegDeleteValueA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegDeleteKeyA

shell32

ShellExecuteA

ole32

CoUninitialize
CoInitialize
OleLockRunning
CoTaskMemAlloc
StringFromGUID2
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoInitializeEx
CoCreateInstance

oleaut32

VariantClear
VariantInit
SysFreeString
LoadRegTypeLi
LoadTypeLi
SysStringLen
DispCallFunc
SysAllocString
SysAllocStringLen
OleCreateFontIndirect

shlwapi

PathGetArgsA
StrStrIW
StrToIntA
UrlUnescapeA
PathIsDirectoryA
PathRemoveBlanksA
PathFindFileNameA
PathRemoveFileSpecA
PathFileExistsA

ws2_32

htons
ioctlsocket
connect
select
__WSAFDIsSet
closesocket
send
recv
gethostbyname
WSAStartup
socket

netapi32

Netbios

psapi

EnumProcesses
GetModuleFileNameExA

Sections

.text
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31a88fa9e9a72a955f05ff95758acfbe

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

ws2_32

netapi32

psapi

Sections

.text Size: 156KB - Virtual size: 156KB

.rdata Size: 42KB - Virtual size: 41KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 17KB - Virtual size: 17KB

.text
Size: 156KB - Virtual size: 156KB

.rdata
Size: 42KB - Virtual size: 41KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 17KB - Virtual size: 17KB