e8200d9136437c8633acf4be273009d69c673c027eb7d63212c83e95a5ee6575

Sharing

Copy URL Twitter E-mail

General

Target

e8200d9136437c8633acf4be273009d69c673c027eb7d63212c83e95a5ee6575
Size

132KB
MD5

89fafa18ad7ba51403624c44fe589548
SHA1

f931024121e6c0e3d11ec1ff2433edca0b40fd45
SHA256

e8200d9136437c8633acf4be273009d69c673c027eb7d63212c83e95a5ee6575
SHA512

b64d66a1f2747abdac1158c6e6be7aaa7171451117fb8eb8aa2c3c77b259a106b064f48775810a603111aa7cb93692469ae35b6925a22f660ce6f6fbf1913c14
SSDEEP

3072:doyK2OWAiFsBspALv3Q2KzgP2qISP/6YbRwAy6L4KYjzknp6rgYkA:d02WUUo9za/XwAywk3kpiZ

Score

N/A

Malware Config

Signatures

Files

e8200d9136437c8633acf4be273009d69c673c027eb7d63212c83e95a5ee6575
.exe windows x86

d38610a0134894ca5c760b43daac58d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExA
CryptReleaseContext
RegFlushKey
CryptAcquireContextA
RegEnumValueW
CryptImportKey
CryptHashData
CryptDestroyHash
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegEnumKeyExW
RegSetValueExA
RegQueryInfoKeyA
RegCreateKeyExA
RegQueryValueExA
RegDeleteValueA
RegQueryInfoKeyW
CryptVerifySignatureA
RegOpenKeyExA
CryptCreateHash
RegCreateKeyExW
RegDeleteKeyA
RegSetValueExW
CryptDestroyKey
RegDeleteKeyW

kernel32

CreateFileW
FreeLibrary
CloseHandle
GetSystemTimeAsFileTime
CreateProcessA
Sleep
LocalFree
GetTickCount
CreateFileMappingW
IsDBCSLeadByte
HeapAlloc
GlobalFree
FindFirstFileW
WideCharToMultiByte
MapViewOfFile
GetModuleFileNameA
SetCurrentDirectoryW
GetCurrentProcessId
GetModuleHandleA
CopyFileW
LoadLibraryW
GetProcessVersion
InitializeCriticalSection
FormatMessageW
InterlockedDecrement
GlobalUnlock
lstrcpynW
MoveFileW
GetFileAttributesA
DeleteCriticalSection
GlobalLock
lstrcmpiA
MultiByteToWideChar
GetCurrentDirectoryW
LoadResource
LeaveCriticalSection
CreateFileMappingA
IsDebuggerPresent
WaitForSingleObject
InterlockedExchange
VirtualFree
GetThreadLocale
ExitProcess
GetCurrentThreadId
UnhandledExceptionFilter
FindClose
AddAtomW
GetLastError
GetEnvironmentVariableA
FindNextFileW
LoadLibraryA
CreateMutexA
OutputDebugStringW
HeapDestroy
SetUnhandledExceptionFilter
GetStdHandle
CreateDirectoryW
HeapReAlloc
GetFileAttributesW
SizeofResource
LoadLibraryExA
DuplicateHandle
GetFileAttributesExW
HeapFree
SystemTimeToFileTime
GetUserDefaultLCID
GetProcAddress
HeapSize
lstrlenW
InterlockedCompareExchange
GetStartupInfoA
QueryPerformanceCounter
LockResource
ExpandEnvironmentStringsW
EnterCriticalSection
RaiseException
GetACP
UnmapViewOfFile
lstrlenA
VirtualAlloc
InterlockedIncrement
DeleteAtom
ReleaseMutex
GetLocaleInfoA
GetModuleFileNameW
CreateEventA
GetUserDefaultUILanguage
GetSystemDefaultLCID
GetVersionExA
GetSystemTime
GetFileSize
CreateProcessW
FindResourceExA
FindResourceA
OpenProcess
TerminateProcess
LoadLibraryExW
FindAtomW
GlobalAlloc
SetEvent
GetProcessHeap
WriteFile
GetModuleHandleW
SetFileAttributesW

shlwapi

PathAddBackslashW
PathIsRelativeW
SHCopyKeyW
PathIsDirectoryW
PathUnquoteSpacesW
PathRemoveFileSpecW
PathFileExistsW
PathRemoveBlanksW
SHDeleteKeyW

user32

SetForegroundWindow
LoadImageA
LoadStringW
CharNextA
UnregisterClassA
CharNextW
LoadIconA
MessageBoxW
LoadBitmapA
GetSystemMetrics

shell32

SHGetFolderPathW
SHCreateDirectoryExW
SHFileOperationW

ddraw

DirectDrawCreate
DirectDrawEnumerateA
DirectDrawCreateEx

gdi32

DeleteObject

ole32

OleInitialize
CoReleaseMarshalData
CoDisconnectObject
CoMarshalInterface
IIDFromString
CoTaskMemAlloc
CoTaskMemFree
OleUninitialize
StringFromGUID2
CoCreateInstance
StringFromCLSID
CoInitializeSecurity
CreateStreamOnHGlobal
CoTaskMemRealloc

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d38610a0134894ca5c760b43daac58d7

Headers

File Characteristics

Imports

advapi32

kernel32

shlwapi

user32

shell32

ddraw

gdi32

ole32

Sections

.text Size: 69KB - Virtual size: 68KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 56KB - Virtual size: 56KB

.rsrc Size: 1024B - Virtual size: 84KB

.text
Size: 69KB - Virtual size: 68KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 56KB - Virtual size: 56KB

.rsrc
Size: 1024B - Virtual size: 84KB