ea1e88bea67e52082e63c1dcf3fd98569e03d934e5f111ea8cd548c266fbe4a7

Sharing

Copy URL Twitter E-mail

General

Target

ea1e88bea67e52082e63c1dcf3fd98569e03d934e5f111ea8cd548c266fbe4a7
Size

170KB
MD5

1814d1a2ac430f5ffa1a5992906f6c1b
SHA1

0dad5ac792b27c32fd75db926b623b2f8feaefcc
SHA256

ea1e88bea67e52082e63c1dcf3fd98569e03d934e5f111ea8cd548c266fbe4a7
SHA512

76792a30da4f98862662eae4427fe80792b1db7bf1190e6b76adbd9afc5af9bc1b24f280fd7c90fa7ab48ece09c1e445fc36874f0b81ca0b99ffcb0c658e69d6
SSDEEP

3072:5GX8XSq7cm3k9JipUqS4xOO21Q9hu1dDZU3BhGmC100j50XVA6Dotqbp/krbkYY/:FCq7cm0+THwRQ92zEC100WFlDLp/k/kY

Score

N/A

Malware Config

Signatures

Files

ea1e88bea67e52082e63c1dcf3fd98569e03d934e5f111ea8cd548c266fbe4a7
.exe windows x86

10c6f81afb4353e4a67f2d37ed04ad6f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtOpenSection
NtOpenFile
NtQuerySection
NtOpenEventPair
ZwOpenTimer
NtOpenEvent

ole32

GetRunningObjectTable
CoTaskMemAlloc
OleInitialize

oleaut32

SysAllocStringLen

gdiplus

GdipCreatePathGradientFromPath
GdipDrawImageRect
GdipFree
GdipSetWorldTransform
GdipLoadImageFromStreamICM
GdipFillRectangleI
GdipBitmapUnlockBits
GdipCreatePen1
GdipImageRotateFlip
GdipCreateSolidFill
GdipBitmapLockBits
GdipDeletePen

gdi32

SelectObject
SetBkMode
GetCurrentObject

shell32

SHGetPathFromIDListW
SHBrowseForFolderW

shlwapi

PathFileExistsW

kernel32

DeleteCriticalSection
ReleaseMutex
CloseHandle
VirtualProtectEx
CreateFileW
GetFullPathNameW
GetPriorityClass
GlobalAlloc
GetVersion
LoadLibraryW
lstrlenA
lstrcmpiW
FindFirstVolumeW
InterlockedExchangeAdd
SetErrorMode
GetModuleFileNameW
SleepEx
MultiByteToWideChar
LoadLibraryExW
CloseHandle
OutputDebugStringA
GetProcessHeap
EnumUILanguagesW
GetUserDefaultUILanguage
GetCurrentProcessId

user32

GetDC
DrawFrameControl
SetFocus
EnableMenuItem
GetClassNameW
SetWindowTextW
GetWindowLongW
LoadIconW
GetWindowThreadProcessId
OpenClipboard
ReleaseCapture
CloseClipboard
ModifyMenuW
MoveWindow

mll_vpsp

_Sinh
_Strcoll
_Dtest
_LDenorm
_Stof
_Xbig
_Stod

advapi32

RegCloseKey
GetTraceLoggerHandle

msvcrt

_wcsicmp
__getmainargs
qsort
__dllonexit
memset
_acmdln

comctl32

ImageList_Remove
InitCommonControlsEx
ImageList_Create

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10c6f81afb4353e4a67f2d37ed04ad6f

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

ole32

oleaut32

gdiplus

gdi32

shell32

shlwapi

kernel32

user32

mll_vpsp

advapi32

msvcrt

comctl32

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 36KB - Virtual size: 36KB

.rsrc Size: 113KB - Virtual size: 116KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 36KB - Virtual size: 36KB

.rsrc
Size: 113KB - Virtual size: 116KB