ebb4667d58082c5da5d564c90b1c3765469609152e75bdcc89b1a33e812eaac2

Sharing

Copy URL

Twitter E-mail

General

Target

ebb4667d58082c5da5d564c90b1c3765469609152e75bdcc89b1a33e812eaac2
Size

208KB
MD5

099e73bd7633662bff63cc19f0e14090
SHA1

87f3056b2942d5f9ee05190ca41a3b711ea0bab8
SHA256

ebb4667d58082c5da5d564c90b1c3765469609152e75bdcc89b1a33e812eaac2
SHA512

1095ecc50aee49e0915475cad1349477ef322718a5c8692bcd8b9ecec79df49a632e34ea6abe72317f28f966fcfe3fbef99dbe2ec2eb14fb5f4aa7df82cb3bce
SSDEEP

3072:8ZhZbEXfZ0bN9Na7G8T9lOcBYdRsGqB0Z/0KcoCE9:8PVI8bNJ8T9lOcqdtqBh

Score

N/A

Malware Config

Signatures

Files

ebb4667d58082c5da5d564c90b1c3765469609152e75bdcc89b1a33e812eaac2
.dll windows x86

d68099df983cfefc55a0884e27f520a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetFileSecurityW
GetLengthSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
RegCloseKey
RegCreateKeyExA
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RevertToSelf
SetThreadToken

gdi32

GetOutlineTextMetricsA
EudcLoadLinkW

kernel32

VirtualAlloc
CloseHandle
CompareStringW
CreateDirectoryW
CreateFileA
CreateFileW
CreateMutexW
DeleteFileA
DeleteFileW
DeviceIoControl
FileTimeToDosDateTime
FindClose
FindFirstFileW
FreeLibrary
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetDriveTypeW
GetEnvironmentVariableW
GetFileAttributesExW
GetFileAttributesW
GetFileSize
GetProcAddress
GetTempFileNameW
GetTickCount
GlobalFree
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
LoadLibraryA
LocalAlloc
LocalFree
MoveFileW
MultiByteToWideChar
OutputDebugStringA
OutputDebugStringW
ReadFile
ReleaseMutex
SetEndOfFile
SetEvent
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
Sleep
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcatW
lstrcmpiW
lstrcpyW
lstrlenW
HeapFree
HeapAlloc
GetCommandLineA
GetVersion
GetModuleHandleA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
IsBadWritePtr
DeleteCriticalSection
ExitProcess
FatalAppExitA
RtlUnwind
SetStdHandle
GetLastError
GetFileType
TerminateProcess
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
InterlockedIncrement
GetExitCodeProcess
CreateProcessW
UnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
SetConsoleCtrlHandler
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
FlushFileBuffers
RaiseException
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
GetLocaleInfoW
CompareStringA
SetEnvironmentVariableA

ole32

CoRevertToSelf

user32

SetCaretPos
wvsprintfA
DefWindowProcW
DestroyWindow
MessageBoxA
MsgWaitForMultipleObjects
PostQuitMessage
SetThreadDesktop
UnregisterClassW
VkKeyScanExW
wsprintfA
wsprintfW

Exports

Exports

edupaojjdnj

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d68099df983cfefc55a0884e27f520a7

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

ole32

user32

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 48KB - Virtual size: 57KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 48KB - Virtual size: 57KB

.reloc
Size: 12KB - Virtual size: 8KB