e0402b80c4b1ffabefe0115b4ddbf62766488a92a3bafef1919a2f6968f14289

Sharing

Copy URL Twitter E-mail

General

Target

e0402b80c4b1ffabefe0115b4ddbf62766488a92a3bafef1919a2f6968f14289
Size

184KB
MD5

295eb063403cf7683bed7ee7776dc8d8
SHA1

6bb7235128cb8758f2218dc1fbaa709d665ab222
SHA256

e0402b80c4b1ffabefe0115b4ddbf62766488a92a3bafef1919a2f6968f14289
SHA512

169281789bae84e8165f971e4d423e1c443d18a2168d8fb370a705ae7e0daabb33142d1e7faf03e112da61ac3926e170e964476260d07e794b8c7f49831f0efa
SSDEEP

3072:xfBMat9oQcnuuXe1anY5IzJVpJZdmzSJ9tNTbbQL9l:x5M4jcnuuXPnYatJZ8ifTv

Score

N/A

Malware Config

Signatures

Files

e0402b80c4b1ffabefe0115b4ddbf62766488a92a3bafef1919a2f6968f14289
.exe windows x86

409ef78bcf59e5d0f143c95cb17b8008

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
GetPrivateProfileSectionA
OutputDebugStringA
GetLocalTime
GetTickCount
CreateMutexA
LoadLibraryExA
LocalAlloc
GetEnvironmentVariableA
GetShortPathNameA
CreateProcessA
SetPriorityClass
SetFileAttributesA
ResumeThread
ExpandEnvironmentStringsA
HeapAlloc
GetProcessHeap
HeapFree
DeviceIoControl
OpenFileMappingA
InitializeCriticalSection
DeleteCriticalSection
WaitForSingleObject
EnterCriticalSection
ReleaseMutex
LeaveCriticalSection
GetCurrentDirectoryA
CopyFileA
MoveFileExA
WideCharToMultiByte
MultiByteToWideChar
InterlockedIncrement
InterlockedDecrement
SizeofResource
LoadResource
GetCurrentThreadId
WriteProcessMemory
SetUnhandledExceptionFilter
lstrlenA
lstrcmpiA
IsDBCSLeadByte
lstrlenW
RaiseException
FindResourceA
CopyFileExA
Sleep
InitializeCriticalSectionAndSpinCount
CreateFileW
SetEndOfFile
IsValidLocale
EnumSystemLocalesA
GetSystemInfo
GetVersionExA
GetModuleFileNameA
GetFileAttributesA
UnmapViewOfFile
VirtualProtect
MapViewOfFile
GetSystemDirectoryA
VirtualAlloc
DeleteFileA
WriteFile
CreateFileA
GetModuleHandleA
FreeLibrary
GetProcAddress
LoadLibraryA
TerminateProcess
OpenProcess
CloseHandle
GetCurrentProcess
SetLastError
GetLocaleInfoA
GetUserDefaultLCID
WriteConsoleW
FlushFileBuffers
SetStdHandle
LoadLibraryW
GetStringTypeW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleMode
GetConsoleCP
ReadFile
SetFilePointer
GetLocaleInfoW
GetFileType
SetHandleCount
RtlUnwind
GetModuleFileNameW
GetStdHandle
ExitProcess
LCMapStringW
HeapCreate
IsProcessorFeaturePresent
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
HeapSetInformation
VirtualQuery
GetModuleHandleW
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
HeapSize
HeapReAlloc
LocalFree
GetLastError
GetCommandLineA
HeapDestroy

user32

CharNextA
CharUpperA

advapi32

BuildExplicitAccessWithNameA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegQueryInfoKeyW
RegDeleteKeyA
SetSecurityDescriptorDacl
GetLengthSid
InitializeSecurityDescriptor
ControlService
StartServiceA
DeleteService
OpenServiceA
CloseServiceHandle
CreateServiceA
OpenSCManagerA
GetNamedSecurityInfoA
RegEnumKeyExA
RegDeleteValueA
SetNamedSecurityInfoA
FreeSid
AddAccessAllowedAce
AddAccessDeniedAce
InitializeAcl
AllocateAndInitializeSid
GetTokenInformation
AdjustTokenPrivileges
LookupPrivilegeValueA
SetSecurityInfo
SetEntriesInAclA
OpenProcessToken
RegSetValueExA
RegOpenKeyExA

shell32

ShellExecuteA

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoAddRefServerProcess
CoReleaseServerProcess

oleaut32

VariantClear
VarUI4FromStr

shlwapi

SHDeleteKeyA

dbghelp

MiniDumpWriteDump

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

409ef78bcf59e5d0f143c95cb17b8008

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

dbghelp

Sections

.text Size: 119KB - Virtual size: 119KB

.rdata Size: 31KB - Virtual size: 31KB

.data Size: 7KB - Virtual size: 37KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 22KB - Virtual size: 21KB

.text
Size: 119KB - Virtual size: 119KB

.rdata
Size: 31KB - Virtual size: 31KB

.data
Size: 7KB - Virtual size: 37KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 22KB - Virtual size: 21KB