e07cc870b66c54d853617a2ea399bc813da6fc766d6845a4c14c8c46514df959

Sharing

Copy URL Twitter E-mail

General

Target

e07cc870b66c54d853617a2ea399bc813da6fc766d6845a4c14c8c46514df959
Size

408KB
MD5

4caf8a9f1b64dc3b858fe3e8ff85ea64
SHA1

b6c6da03ac00ced1b9775bf3fd6257d020c921a1
SHA256

e07cc870b66c54d853617a2ea399bc813da6fc766d6845a4c14c8c46514df959
SHA512

80881ddcc82b7591dba1df50110c142f5cf58e1f8936ae3177027a6f0f887ecfd337aed98c47ffcbe1707b28707f2552bc989f39f99c4d6e81f04e2c031c63ab
SSDEEP

6144:ZukHwq3FZYLCyYd3Bv0V5FjvFtJqhrbnQ4ZXm/T3Kgh9bUe++s2r20sjb9wjLon:hwOFZYLCy4W9dtJs5xmb9FG+P20cs8

Score

N/A

Malware Config

Signatures

Files

e07cc870b66c54d853617a2ea399bc813da6fc766d6845a4c14c8c46514df959
.exe windows x86

edfac8e1be5b18a77d2ae137dcecb1a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

ZwOpenProcess
NtMapViewOfSection
NtCreateSection
ZwOpenFile
ZwQueryKey

user32

GetKeyState
LoadBitmapA
IsClipboardFormatAvailable
SetParent
DestroyIcon
SystemParametersInfoA
UnhookWindowsHookEx
SendDlgItemMessageA
SetDlgItemTextW
SetWindowLongW
GetMessageA
SetDlgItemTextA
InsertMenuA
CharNextW
CharUpperBuffW
GetNextDlgTabItem
WindowFromPoint
CreateCaret
SetWindowsHookExA
CreateMenu
GetFocus
SetWindowLongA
GetKeyboardState
GetDC
IsZoomed
ReleaseCapture
SendMessageA
InvalidateRect
DeleteMenu
SetWindowTextA
GetCursorPos
GetClassLongA
DrawIconEx

rasmrage

UI1I4
AryCopy
UnloadProject
CallByName
Filter
Ubound
AppActivate
CreateContext
HresultCheck
EndOfFile
FreeObjList
TstGe
I2I4
BoolErr
Space
CharValueBstr
SetUnkAddref
TextTstLt
Copy
IRR
SYD
SetMemObj
Mul
CyAbs
FileCopy
Resume
MethCallEngine
RecUniToAnsi
DatePart
FPInt
ErrI4
R8IntI2
PutMemStr
_CIcos
ord2
LateMemNamedCall
GetPresentDate
IndexLoadRef
Like
DateDiff
Udt
RecDestruct
StrR4
rtBoolFromErr
FV
CreateInstanceEx
GetDateValue
LdZeroAry
DateR8
TstLt
gParmRef
CyMul
EraseNoPop
GosubReturn
I2Cy
BASIC_DISPINTERFACE_GetTICount
CreateObject2
GetTypeInfoCount
MidStmtBstrB
LowerCaseBstr
UI1Str
RightChar
LateMemStAd
TextTstGt
R4Err
GenerateBoundsError
AryConstruct2
R4Sgn
And
Bool
LateIdCallSt
GetDateBstr
InStrRev
GetFxStr4
DDB
Div
Pow
Mid
RsetFixstr
Abs
FpI4
Move
IndexStore
LineInputStr
SetTime
CyI2
GetMinuteOfHour
I4Str
GetMemNewObj
ExitProc
Ptr
StrAryToUnicode
GetTypeInfo
CompareBstr
LowerCase

kernel32

GetCommandLineW
VirtualFree
VirtualAlloc
CloseHandle
SetThreadPriority
CreateThread
GetCurrentThreadId
GetThreadPriority
OpenThread
LocalFileTimeToFileTime
DeleteFileA

gdi32

GetDeviceCaps
GetPixel
AddFontResourceA
StretchBlt
PtInRegion
SelectObject
GetTextMetricsA
EndPage

Sections

.text
Size: 367KB - Virtual size: 367KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

edfac8e1be5b18a77d2ae137dcecb1a7

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

user32

rasmrage

kernel32

gdi32

Sections

.text Size: 367KB - Virtual size: 367KB

.data Size: 38KB - Virtual size: 37KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 367KB - Virtual size: 367KB

.data
Size: 38KB - Virtual size: 37KB

.rsrc
Size: 2KB - Virtual size: 4KB