0e39d614dc7b51b7807c9eee5ad17f8c058a020df34ab97c51b3c219fb5526be

Sharing

Copy URL Twitter E-mail

General

Target

0e39d614dc7b51b7807c9eee5ad17f8c058a020df34ab97c51b3c219fb5526be
Size

121KB
MD5

22cad2689664d00ecc1b910a162f3400
SHA1

627c7f573283d907cef0775b1923c35c45953f70
SHA256

0e39d614dc7b51b7807c9eee5ad17f8c058a020df34ab97c51b3c219fb5526be
SHA512

dae5488c49caa9230aa1fcfca392d491691b13f5c36615ad1a0c63f63062ca08b8dbfc4e61ea64e42024a9d76a15a8876b190e0caa16e3ae9e93040d0b05a6d4
SSDEEP

3072:wUh0tUsvYHHXRKUhCXK5vMczqanB6bOIon:wUunO3RHx/zlnyY

Score

N/A

Malware Config

Signatures

Files

0e39d614dc7b51b7807c9eee5ad17f8c058a020df34ab97c51b3c219fb5526be
.exe windows x86

0406a89562d7a95130c2037f40f8a8a2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

InvalidateRgn
SetKeyboardState
CreateDialogParamW
RegisterClassExA
ImpersonateDdeClientWindow
LoadAcceleratorsW
LoadIconW
GetWindowContextHelpId
GetMessageW
SetFocus
KillTimer
RemovePropA

gdi32

AddFontResourceA
BitBlt
CreateDCW
ChoosePixelFormat
BeginPath
CreateBitmap

mpr

WNetDisconnectDialog1A
WNetGetNetworkInformationW
WNetGetProviderNameA
WNetAddConnection3W
WNetGetConnectionA
WNetOpenEnumA

kernel32

HeapSize
IsValidCodePage
IsProcessorFeaturePresent
GetCPInfo
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
LCMapStringW
MultiByteToWideChar
GetStringTypeW
GetOEMCP
Sleep
LoadLibraryW
GetSystemTimeAsFileTime
GetCurrentProcessId
RemoveDirectoryW
FileTimeToLocalFileTime
EnumDateFormatsA
ReadFile
OpenSemaphoreA
GetACP
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
GetLastError
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WriteFile
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0406a89562d7a95130c2037f40f8a8a2

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

mpr

kernel32

Sections

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 3KB - Virtual size: 16KB

.rsrc Size: 86KB - Virtual size: 86KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 3KB - Virtual size: 16KB

.rsrc
Size: 86KB - Virtual size: 86KB