eb5ded4ed1df36f5dee308692a7b688c63baa9aed59ec445366873aaed26a58e

Sharing

Copy URL Twitter E-mail

General

Target

eb5ded4ed1df36f5dee308692a7b688c63baa9aed59ec445366873aaed26a58e
Size

128KB
MD5

6358c9e1ae9777fdf0dc788de26f9166
SHA1

8b8ef544a0ba39119a7f699856a6b5350fc345d4
SHA256

eb5ded4ed1df36f5dee308692a7b688c63baa9aed59ec445366873aaed26a58e
SHA512

730259a7f96a49996072c973c239f25cf3dac3872e5fec0b33d09a6ca4882e21a66966db49d9ed06f013015a000406fe96f4151ba4777ecbdd274710384e2cb0
SSDEEP

3072:sL4WhD8ng236vd66esemKKZts5fylLrSHK4JWmrZiNyb:skWGUF667emVc8tcKqWlNK

Score

N/A

Malware Config

Signatures

Files

eb5ded4ed1df36f5dee308692a7b688c63baa9aed59ec445366873aaed26a58e
.exe windows x64

4debf86710f49bbdbda4d8f50682e263

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

setupapi

SetupGetInfInformationW
SetupDiGetDeviceInstallParamsW
SetupDiCreateDeviceInfoList
SetupDiGetINFClassW
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiCallClassInstaller
SetupDiSetDeviceRegistryPropertyW
SetupDiCreateDeviceInfoW
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
SetupQueryInfVersionInformationW

kernel32

HeapSize
HeapReAlloc
InitializeCriticalSection
LoadLibraryA
WriteFile
GetStdHandle
LockResource
SizeofResource
FindFirstFileW
FindClose
CreateDirectoryW
SystemTimeToFileTime
CreateFileW
SetFileTime
CloseHandle
FindResourceW
LoadResource
DeleteFileW
GetModuleHandleW
GetProcAddress
LocalFree
LocalAlloc
LoadLibraryW
FreeLibrary
FindNextFileW
lstrlenW
GetTempPathW
CopyFileW
SetLastError
RaiseException
GetLastError
GetOEMCP
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCPInfo
GetACP
RtlPcToFileHeader
IsValidCodePage
GetModuleHandleA
FlsGetValue
FlsSetValue
TlsFree
FlsFree
GetCurrentThreadId
FlsAlloc
ExitProcess
GetModuleFileNameA
RtlUnwindEx
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapSetInformation
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LCMapStringA
WideCharToMultiByte
LCMapStringW
GetStringTypeA
GetStringTypeW
Sleep
GetLocaleInfoA

advapi32

RegSetValueExW
RegQueryValueExW
RegCloseKey
RegEnumValueW
RegOpenKeyW

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4debf86710f49bbdbda4d8f50682e263

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

kernel32

advapi32

Sections

.text Size: 53KB - Virtual size: 53KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 4KB - Virtual size: 8KB

.pdata Size: 4KB - Virtual size: 3KB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 53KB - Virtual size: 53KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 4KB - Virtual size: 8KB

.pdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 48KB - Virtual size: 47KB