ea3ce7157ac8a6d09c6b9a8e0064ff607983f268853a4883ba8d7dae824b7d49

Sharing

Copy URL

Twitter E-mail

General

Target

ea3ce7157ac8a6d09c6b9a8e0064ff607983f268853a4883ba8d7dae824b7d49
Size

304KB
MD5

32bc3b3a646e6b26957d5e9711731560
SHA1

c78a481ba9738d340240e9486e6a0191de5c3688
SHA256

ea3ce7157ac8a6d09c6b9a8e0064ff607983f268853a4883ba8d7dae824b7d49
SHA512

017fd28217b127f2e1a2495c2b62f458ce233ec121d3ad4ac8eea420cf65c31fae7679e19751f7f73fbd3b8160156d8b3727ec10f6b4f4eb167ab10b90472925
SSDEEP

3072:AmiT/Dtir5aSd/D89NUq0yAh195CAbNjMoXN3FQLibzdT6pj2joI+c3ChPNtWsGq:MT/AuNUuAFsojMAFLQhPWs0zY

Score

N/A

Malware Config

Signatures

Files

ea3ce7157ac8a6d09c6b9a8e0064ff607983f268853a4883ba8d7dae824b7d49
.dll windows x86

40b83da2c08808887eb4997481b65d55

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CopySid
DeregisterEventSource
GetLengthSid
IsValidSid
RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegisterEventSourceW
ReportEventW
CryptSetHashParam
GetSecurityDescriptorDacl
GetSecurityDescriptorOwner
LsaGetSystemAccessAccount
RegQueryValueExW

gdi32

GetRasterizerCaps
CreateDCW
DeleteDC
DeleteObject
EndDoc
EndPage
ExtTextOutA
GetDeviceCaps
GetObjectW
GetStockObject
GetTextExtentExPointW
PolyTextOutA
SelectObject
SetBrushOrgEx
StartDocW
TextOutW

kernel32

DisableThreadLibraryCalls
FindFirstFileA
FormatMessageW
GetProcessHeap
GetSystemTimeAsFileTime
InterlockedCompareExchange
InterlockedExchange
Sleep
lstrlenW
CloseHandle
CopyFileW
CreateEventW
CreateFileMappingW
CreateFileW
CreateMutexW
DeleteFileW
EnumCalendarInfoExA
ExpandEnvironmentStringsW
FoldStringW
GetCurrentProcess
GetCurrentProcessId
GetFileSize
GetFullPathNameW
GetSystemTime
GetTempFileNameW
GetTempPathW
GetTickCount
LoadLibraryW
LocalFree
MapViewOfFile
MapViewOfFileEx
MoveFileW
MulDiv
OpenMutexW
OutputDebugStringW
ReadConsoleOutputCharacterW
ReleaseMutex
SetEndOfFile
SetEnvironmentVariableW
SetFilePointer
SetUnhandledExceptionFilter
SystemTimeToFileTime
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WaitForSingleObject
WinExec
WriteFile
lstrlenA
GetLastError
HeapFree
GetTimeFormatA
GetDateFormatA
RtlUnwind
CreateProcessA
DuplicateHandle
HeapAlloc
WideCharToMultiByte
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
IsDebuggerPresent
HeapDestroy
HeapCreate
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
HeapReAlloc
GetTimeZoneInformation
RaiseException
GetFileAttributesA
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
CreatePipe
GetExitCodeProcess
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
InitializeCriticalSection
SetConsoleCtrlHandler
FreeLibrary
LoadLibraryA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
HeapSize
FlushFileBuffers
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateFileA

ole32

OleGetAutoConvert
HPALETTE_UserMarshal
HICON_UserUnmarshal
HBRUSH_UserUnmarshal
HACCEL_UserUnmarshal
SNB_UserUnmarshal
OleGetClipboard
CreateDataAdviseHolder

oleaut32

SafeArrayAccessData
OleCreatePictureIndirect

shell32

ExtractIconExW
SHCreateDirectoryExA
ShellExecuteExW

Exports

Exports

Mdzdjcbamh

Sections

.text
Size: 212KB - Virtual size: 209KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40b83da2c08808887eb4997481b65d55

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

ole32

oleaut32

shell32

Exports

Exports

Sections

.text Size: 212KB - Virtual size: 209KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 44KB - Virtual size: 53KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 212KB - Virtual size: 209KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 44KB - Virtual size: 53KB

.reloc
Size: 12KB - Virtual size: 11KB