7ee82a9eef6ad8d7faae733d4c00a393eacd9cc62942d131abd951cdb9b9a8de

Sharing

Copy URL Twitter E-mail

General

Target

7ee82a9eef6ad8d7faae733d4c00a393eacd9cc62942d131abd951cdb9b9a8de
Size

255KB
MD5

5109d8c24c328aab574edb6dd878126f
SHA1

9a5a911644fd2cf849c0f6eeedecde27f4dc45fa
SHA256

7ee82a9eef6ad8d7faae733d4c00a393eacd9cc62942d131abd951cdb9b9a8de
SHA512

5ce81ee262205f57f1d5618bb5f4ba5b4419e75c84e7f1a29b14d207e816f1ac8792c194b2d93dc9881fa44f2d5a2d81615ae3846ebd3f66e760d91fb0c68446
SSDEEP

3072:i1zXDICG8Rk3MbuwGpfWIDHTYnZUpX8FOnau59ON4v7PDaBIvt+8kkRkFUqsALZN:i1jNH6tDakeOvPESkrXR8cKrZ6X

Score

N/A

Malware Config

Signatures

Files

7ee82a9eef6ad8d7faae733d4c00a393eacd9cc62942d131abd951cdb9b9a8de
.exe windows x86

50badba888ed7628e15b07092a83972e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

WriteConsoleW
MultiByteToWideChar
LoadLibraryW
LCMapStringW
GetStringTypeW
HeapReAlloc
FlushFileBuffers
CreateFileW
CloseHandle
GetLastError
HeapCreate
GetCurrentProcess
SetStdHandle
HeapAlloc
HeapSize
RtlUnwind
Sleep
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
DecodePointer
EncodePointer
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP

user32

GetParent
GetDialogBaseUnits
EnableWindow
SetDlgItemTextW
IsWindow
LoadAcceleratorsA
SendDlgItemMessageW
GetDlgItem
SetDlgItemInt
FillRect
LoadMenuA

gdi32

SetTextColor
DeleteDC
GdiFlush
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
TextOutA
BitBlt

winscard

SCardConnectA
g_rgSCardT1Pci
SCardEstablishContext
SCardFreeMemory
g_rgSCardT0Pci
SCardTransmit
SCardDisconnect
SCardListReadersA
SCardReleaseContext

shlwapi

StrTrimA

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50badba888ed7628e15b07092a83972e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winscard

shlwapi

Sections

.text Size: 82KB - Virtual size: 81KB

.rdata Size: 157KB - Virtual size: 157KB

.data Size: 5KB - Virtual size: 17KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 82KB - Virtual size: 81KB

.rdata
Size: 157KB - Virtual size: 157KB

.data
Size: 5KB - Virtual size: 17KB

.rsrc
Size: 10KB - Virtual size: 9KB