ed80a76b99d1d92dde13b2e731bc88961a550f599103fc153bc69cb4486f2f8d

Sharing

Copy URL Twitter E-mail

General

Target

ed80a76b99d1d92dde13b2e731bc88961a550f599103fc153bc69cb4486f2f8d
Size

248KB
MD5

39582703a0198d1e789d028bea7b839c
SHA1

959df9bf3a2ca59eff2ddb9cedb4af8009c68e9e
SHA256

ed80a76b99d1d92dde13b2e731bc88961a550f599103fc153bc69cb4486f2f8d
SHA512

98d7b193fb3a92392a52fd0594b5afd5e85ec10d8f3d9b7bf994aedd21eb4f35557a9c131274e8cb59f1c92f489121006ad6a16037ac1dc56e8107797ccaa475
SSDEEP

6144:ET9Z5k1B2G6hcYAFYobifCc1TO9rA0ffDJqFbRsFsmH:cZ5S0YjF7EP16p94bRs3

Score

N/A

Malware Config

Signatures

Files

ed80a76b99d1d92dde13b2e731bc88961a550f599103fc153bc69cb4486f2f8d
.exe windows x86

bea874a2944fafa0152dcb306cc1c99e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
FindFirstFileW
EnumResourceNamesW
SetThreadLocale
lstrcmpA
CompareStringW
GetAtomNameA
lstrcmpiA
SearchPathW
GetACP
TryEnterCriticalSection
EnumCalendarInfoW
SetTimeZoneInformation
SetProcessShutdownParameters
MoveFileExA
VirtualFree
GetFileAttributesA
DosDateTimeToFileTime
VirtualProtect
GetCommandLineA
GetTapeStatus
FatalAppExitA
GetUserDefaultLangID
GetLargestConsoleWindowSize
GetCurrentDirectoryW
ExitProcess
SetVolumeLabelA
GetThreadContext
ReadConsoleOutputA
CreateProcessA
SetConsoleOutputCP
SetHandleCount
GetSystemTime
VirtualQueryEx
GetHandleInformation
IsBadStringPtrA
WritePrivateProfileSectionA
CopyFileExW
GetTapeParameters
CreateFileW
GetPrivateProfileStringA
IsValidLocale
IsBadWritePtr
EnumResourceNamesA
UnmapViewOfFile
GetDateFormatA
CreatePipe
SuspendThread
DebugBreak
GetCommandLineW
SetupComm
GetUserDefaultLCID
FreeResource
GlobalFindAtomW
SetEnvironmentVariableA
EnumTimeFormatsW
EnumDateFormatsW
OpenSemaphoreW
FindFirstFileExW
LoadLibraryExA
GetVersionExA
VirtualAlloc
OutputDebugStringW

user32

DrawIconEx
MessageBoxA

gdi32

SetTextCharacterExtra
EnumFontFamiliesExA
RealizePalette
GetTextMetricsW
GetTextExtentPointA
DescribePixelFormat
TextOutW
CreateSolidBrush
GetCharacterPlacementA
PtVisible
RestoreDC
ExtEscape
MaskBlt
CreateBitmap
EndPath
GetTextAlign
GetTextExtentExPointA
GetBkColor
SelectPalette

comdlg32

PageSetupDlgA
GetFileTitleW
ChooseFontA
ChooseFontW

advapi32

LookupPrivilegeDisplayNameA
CreateProcessAsUserW
SetKernelObjectSecurity
ImpersonateSelf
RegLoadKeyW
LookupAccountSidW
IsValidSecurityDescriptor
CryptHashData
RegDeleteValueA
GetFileSecurityW
CryptExportKey
RegSetKeySecurity
CryptGetKeyParam
GetSidLengthRequired
RegOpenKeyW
BuildTrusteeWithNameW
GetNamedSecurityInfoW
RegCreateKeyExW

shell32

Shell_NotifyIconW
SHGetDesktopFolder
SHLoadInProc

ole32

CoUninitialize

oleaut32

LoadTypeLibEx
SafeArrayUnaccessData
SafeArrayGetElement

comctl32

ImageList_DrawIndirect
ImageList_GetImageCount
ImageList_GetIcon

shlwapi

PathGetCharTypeA
PathRenameExtensionW
PathCombineW
PathIsURLW
PathIsRootA
StrChrA
PathIsRootW
SHGetValueW
PathGetCharTypeW
PathStripPathA
PathRemoveBlanksW
StrCatBuffA
wnsprintfW

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bea874a2944fafa0152dcb306cc1c99e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 8KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 232KB - Virtual size: 229KB

.text
Size: 8KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 232KB - Virtual size: 229KB