e30d13017bba8d8fb2f86add4f27d5d20dfeeb816d5e54b8bda70d3e632f81ff

Sharing

Copy URL Twitter E-mail

General

Target

e30d13017bba8d8fb2f86add4f27d5d20dfeeb816d5e54b8bda70d3e632f81ff
Size

536KB
MD5

c1683efbe9b4a74802ddbfaee8f34829
SHA1

de6b8504704fa814c2f8415215a68866fe4a05e6
SHA256

e30d13017bba8d8fb2f86add4f27d5d20dfeeb816d5e54b8bda70d3e632f81ff
SHA512

83dd74694ade6abe8f0393c1362b54bbb5952d4290d4fd27113536bd5e16e0253da818de776cd73a8caee03f59e1ad7cd4d354eacb4203601ca14c6f29501f22
SSDEEP

12288:vMMnMMMMMUXvymQMrPTLEV01SwG9QYBPACx7Q5B7yHE:vMMnMMMMMMqvKTIV01LxOACFyBeE

Score

N/A

Malware Config

Signatures

Files

e30d13017bba8d8fb2f86add4f27d5d20dfeeb816d5e54b8bda70d3e632f81ff
.exe windows x86

a32880f9b2d6c9529e88cf079affb92e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
GetDriveTypeW
GetModuleHandleExW
FindNextFileW
ResumeThread
VirtualFree
SetEvent
GetOverlappedResult
HeapAlloc
MoveFileW
GetCurrentProcess
WaitForSingleObject
LoadLibraryW
OutputDebugStringW
GetFileAttributesExW
GetVersionExA
GetCommandLineW
GetLogicalDriveStringsW
GetPrivateProfileIntW
CreateEventW
HeapFree
SleepEx
lstrcpyA
GetComputerNameExW
GetModuleHandleA
FindClose
GetCurrentThread
SizeofResource
GetProcessHeap
InitializeCriticalSection
lstrcpynW
WaitForMultipleObjectsEx
GetUserDefaultUILanguage
EnumUILanguagesW
OpenEventW
SetFilePointer
GetCurrentThreadId
lstrcmpW
GetLastError
SetThreadPriority
LoadResource
ResetEvent
CopyFileW
CloseHandle
DeviceIoControl
GetSystemDirectoryW
lstrlenW
Sleep
FindResourceExW
CompareFileTime
WriteFile
ReadFile
OpenFile
GetFileAttributesW
OpenMutexW
FindResourceA
SetErrorMode
CreateFileMappingW
ReadProcessMemory
LocalReAlloc
VirtualAlloc
WritePrivateProfileStringW
GetLongPathNameW
LeaveCriticalSection
CreateFileA
GetSystemTimeAsFileTime
FindFirstFileExW
AreFileApisANSI
InterlockedExchange
QueryPerformanceCounter
FindFirstFileW
GetFullPathNameA
ReleaseMutex
LocalFree
lstrcpyW
GetModuleHandleW
CancelIo
GetSystemTime
CreateThread
UnmapViewOfFile
GetProfileIntA
GetPrivateProfileStringW
LoadLibraryA
GetSystemInfo
ExitThread
ExpandEnvironmentStringsA
CreateFileMappingA
GetComputerNameA
CreateProcessInternalW
IsBadWritePtr
LoadLibraryExW
InterlockedExchangeAdd
DuplicateHandle
UnhandledExceptionFilter
_lclose
RaiseException
GetTimeZoneInformation
GetSystemWindowsDirectoryW
DeleteCriticalSection
lstrlenA
TerminateProcess
FreeLibrary
lstrcatW
EnterCriticalSection
DeleteFileW
ExpandEnvironmentStringsW
GetFullPathNameW
InterlockedDecrement
GetFileSize
GetFileTime
FormatMessageW
GetProfileStringA
GetFileSizeEx
MultiByteToWideChar
CreateMutexA
WideCharToMultiByte
GetDiskFreeSpaceExW
CreateMutexW
CreateProcessInternalA
WaitNamedPipeW
CreateFileW
GetPriorityClass
GlobalMemoryStatus
GetComputerNameW
MapViewOfFile
InterlockedIncrement
OpenProcess
GetTickCount
GetProcAddress
LocalAlloc
GetModuleFileNameW
SetNamedPipeHandleState
CreateEventA
SetUnhandledExceptionFilter
DelayLoadFailureHook
GetWindowsDirectoryW
SearchPathW
GetLocalTime
SetLastError
GetDiskFreeSpaceW
lstrcmpiW
GetCurrentProcessId
GetVolumeInformationW

ddraw

DirectDrawCreate

ntdll

RtlAdjustPrivilege
NtWaitForSingleObject

rpcrt4

RpcEpResolveBinding
RpcSsDestroyClientContext
RpcStringFreeW
UuidFromStringW
RpcBindingSetAuthInfoExW
RpcBindingSetAuthInfoA
RpcRaiseException
UuidCreate
RpcStringBindingParseW
I_RpcBindingIsClientLocal
RpcBindingToStringBindingW
RpcStringBindingComposeW
RpcBindingSetAuthInfoW
RpcImpersonateClient
NdrClientCall2
NDRCContextBinding
RpcBindingSetAuthInfoExA
RpcBindingFromStringBindingW
I_RpcExceptionFilter
UuidToStringW
I_RpcMapWin32Status
RpcBindingFree
RpcRevertToSelf

Sections

.text
Size: 4KB - Virtual size: 880B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 440KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a32880f9b2d6c9529e88cf079affb92e

Headers

File Characteristics

Imports

kernel32

ddraw

ntdll

rpcrt4

Sections

.text Size: 4KB - Virtual size: 880B

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 60KB - Virtual size: 57KB

.data Size: 440KB - Virtual size: 2.0MB

.rdata Size: 20KB - Virtual size: 19KB

.text
Size: 4KB - Virtual size: 880B

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 60KB - Virtual size: 57KB

.data
Size: 440KB - Virtual size: 2.0MB

.rdata
Size: 20KB - Virtual size: 19KB