e9d4baf7b5932cc54c6c01fd2dcea069ff1ab5dbc0584ea2276764c060026056

Sharing

Copy URL Twitter E-mail

General

Target

e9d4baf7b5932cc54c6c01fd2dcea069ff1ab5dbc0584ea2276764c060026056
Size

308KB
MD5

488898692108910cc43cf262af66f735
SHA1

48f7ccd1d7751b89b20d0fdce0bfc4630de7dab5
SHA256

e9d4baf7b5932cc54c6c01fd2dcea069ff1ab5dbc0584ea2276764c060026056
SHA512

541a8862d2267e8ede52a4a475f16df55cc8f9974c63efae70aa20e010316179f614baac3834b3355bd092deffc155eb7efebad8bbb34fc5aa1dca0fbab4b6bd
SSDEEP

6144:Q0+44I3oUyLW0zUDTZCatGyI+dze3BNgpVRM8+HPN3Yq4ZpAPeB0fkMzgGHhv:QORoLLW0z9yIoC3BNGsiAWB0sIhv

Score

N/A

Malware Config

Signatures

Files

e9d4baf7b5932cc54c6c01fd2dcea069ff1ab5dbc0584ea2276764c060026056
.exe windows x86

d59efef157f93fc3f85564e23e22e81f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetComputerNameA
FreeLibrary
LoadLibraryA
GetFileAttributesA
GetEnvironmentVariableA
GetCurrentProcess
CreateThread
CreateMutexA
OpenMutexA
DeleteFileA
SetFileAttributesA
GetDriveTypeA
GetModuleFileNameA
GetTempPathA
GetWindowsDirectoryA
GetSystemDirectoryA
CloseHandle
WriteFile
CreateFileA
VirtualFreeEx
LoadResource
SizeofResource
FindResourceA
CompareStringW
CompareStringA
SetEndOfFile
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
FlushFileBuffers
SetStdHandle
RtlUnwind
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
Sleep
GetModuleHandleA
CreateToolhelp32Snapshot
Process32First
Process32Next
LockResource
UnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapAlloc
HeapFree
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetLastError
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
TerminateProcess
WideCharToMultiByte
ReadFile
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetEnvironmentVariableA

user32

FindWindowA
EnumChildWindows
ShowWindow
MessageBoxA
GetForegroundWindow
GetKeyState
keybd_event
MapVirtualKeyExA
GetKeyNameTextA
GetAsyncKeyState
GetWindowTextA
GetClassNameA
SendMessageA
GetWindowThreadProcessId

advapi32

OpenProcessToken
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetUserNameA

shell32

ShellExecuteA

wininet

InternetOpenA
InternetConnectA

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 236KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d59efef157f93fc3f85564e23e22e81f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

wininet

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 26KB

.rsrc Size: 236KB - Virtual size: 234KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 26KB

.rsrc
Size: 236KB - Virtual size: 234KB