c139246971d95998014c8f9576088c11d31d9b60b6e7093816c862a2e62650eb

Sharing

Copy URL Twitter E-mail

General

Target

c139246971d95998014c8f9576088c11d31d9b60b6e7093816c862a2e62650eb
Size

53KB
MD5

3073ed1082dc0e948b086ba849864748
SHA1

d8764342a17be6dd2fbfaf87bb117e11155d2fb4
SHA256

c139246971d95998014c8f9576088c11d31d9b60b6e7093816c862a2e62650eb
SHA512

34c623c6d47e7941cb75ac3c6602ae80fb5f1722ed5a04fd435e3eb9285e7ac4746d65ff8eb16f1ea2cfbc33da7a19bf30ff41cf18f03fcfb7814580383403a1
SSDEEP

768:I/f4KOA/euPU7XEIzpzZHQCjP7snwwCcZ3CBzUi0JcZMCkC5HVYPChy:I/Q/EMEIz3QeQnEe+0JcfHyPv

Score

N/A

Malware Config

Signatures

Files

c139246971d95998014c8f9576088c11d31d9b60b6e7093816c862a2e62650eb
.exe windows x86

ef33879c39091d5d0cfb8ed69732039a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateJobObjectW
CreateJobObjectA
CreateIoCompletionPort
CreateHardLinkW
CreateHardLinkA
CreateFileW
CreateFileMappingW
EnumResourceTypesA
CreateFileA
LoadLibraryA
GetProcAddress
HeapAlloc
GetProcessHeap
GetModuleHandleA
EnumResourceTypesW
FindVolumeMountPointClose
EnumSystemCodePagesA
EnumSystemCodePagesW
EnumSystemLanguageGroupsA
EnumSystemLanguageGroupsW
EnumSystemLocalesA
EnumSystemLocalesW
EnumTimeFormatsA
EnumTimeFormatsW
EnumUILanguagesA
EnumUILanguagesW
EraseTape
FindFirstVolumeA
FindFirstVolumeMountPointA
FindFirstVolumeMountPointW
FindFirstVolumeW
FindNextChangeNotification
FindNextFileA
FindNextFileW
FindNextVolumeA
FindNextVolumeMountPointA
FindNextVolumeMountPointW
FindNextVolumeW
FindResourceA
FindResourceExA
FindResourceExW
FindResourceW
FindVolumeClose
CreateFileMappingA

gdi32

CreateEllipticRgnIndirect
CreateEnhMetaFileA
CreateEnhMetaFileW
CreateFontA
CreateFontIndirectA
CreateFontIndirectExA
CreateFontIndirectExW
CreateFontIndirectW
CreateFontW
CreateHalftonePalette
CreateHatchBrush
CreateICA
CreateICW
CreateMetaFileA
CreateMetaFileW
CreatePalette
CreatePatternBrush
CreatePen
CreatePenIndirect
CreatePolyPolygonRgn
CreatePolygonRgn
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateScalableFontResourceW
CreateScalableFontResourceA

advapi32

RegOpenKeyA
RegOpenKeyW

shell32

SHGetPathFromIDListA
ord180
ord179
SHGetMalloc
SHGetInstanceExplorer
SHGetIconOverlayIndexW
SHGetIconOverlayIndexA
SHGetFolderPathW
SHGetFolderPathA
SHGetFolderLocation
SHGetFileInfoW
SHGetFileInfoA
SHGetDiskFreeSpaceExW
SHGetDiskFreeSpaceExA
SHGetDesktopFolder
SHGetDataFromIDListW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 756B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef33879c39091d5d0cfb8ed69732039a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

advapi32

shell32

Sections

.text Size: 45KB - Virtual size: 44KB

.data Size: 512B - Virtual size: 612B

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 1024B - Virtual size: 756B

.text
Size: 45KB - Virtual size: 44KB

.data
Size: 512B - Virtual size: 612B

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 1024B - Virtual size: 756B