3e0ea678c5f57290ee52f3436afa06ba1bae4a01d3275644a41e938516c8f8bb

Sharing

Copy URL

Twitter E-mail

General

Target

3e0ea678c5f57290ee52f3436afa06ba1bae4a01d3275644a41e938516c8f8bb
Size

168KB
MD5

13ac56707b9294519be6f69d193aab58
SHA1

0d9b4a06e0ee67aff16f4e58f86d2d07c1a7198d
SHA256

3e0ea678c5f57290ee52f3436afa06ba1bae4a01d3275644a41e938516c8f8bb
SHA512

976a3ed5e3aa1e9f605659e996da5d98ed9ee270710d2a5e4040e7ae5be386033d355eeb2537f9f0d5d696db50980e53a99fea4daca20c688002ed2cef06ee06
SSDEEP

3072:hKrjx+KWHx6RvNgH6o3VonNYY8Mm1w2sfaKLlRUMK:hUjx+xaFgHT3mOY8NsfJlu

Score

1^/10

Malware Config

Signatures

Files

3e0ea678c5f57290ee52f3436afa06ba1bae4a01d3275644a41e938516c8f8bb
.exe windows x86

3b9c426a6fdec2cb62dc7c138a0d2616

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
GetWindowsDirectoryA
FindFirstVolumeMountPointW
FindFirstChangeNotificationA
WaitForSingleObject
ReadConsoleInputW
VerifyVersionInfoA
GetVersionExA
GetCurrentProcess
OpenEventA
CreateFileMappingW
SetLocaleInfoW
GetProcAddress
GlobalAlloc
GetConsoleTitleW
DeleteFileA
FindResourceW
GetLongPathNameA
GetBinaryTypeA
SetLastError
GetProfileSectionA
WriteProfileStringW
GetComputerNameExW
GetConsoleMode
WriteProfileSectionW
SetVolumeMountPointA
EnumResourceLanguagesA
CommConfigDialogA
EnumDateFormatsA
DeleteVolumeMountPointA
GetModuleHandleA
ZombifyActCtx
WritePrivateProfileStringW
GetSystemDirectoryA
GetStringTypeW
GetShortPathNameW
EnumCalendarInfoA
VerifyVersionInfoW
EnumCalendarInfoW
FindNextFileW
ReleaseActCtx
BuildCommDCBAndTimeoutsA
GetCurrentActCtx
FindFirstFileW
WriteConsoleW
GetConsoleAliasA
LoadLibraryA
HeapReAlloc
MultiByteToWideChar
RaiseException
RtlUnwind
GetLastError
HeapFree
GetCommandLineW
HeapSetInformation
GetStartupInfoW
EncodePointer
DecodePointer
IsProcessorFeaturePresent
HeapAlloc
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
GetCurrentThreadId
InterlockedDecrement
CloseHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
EnterCriticalSection
LeaveCriticalSection
HeapCreate
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Sleep
HeapSize
SetStdHandle
WideCharToMultiByte
GetConsoleCP
FlushFileBuffers
LoadLibraryW
LCMapStringW
SetFilePointer

user32

LoadMenuA
GetMessagePos

advapi32

RevertToSelf

shell32

FindExecutableW

ole32

CoGetInstanceFromFile

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b9c426a6fdec2cb62dc7c138a0d2616

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

Sections

.text Size: 80KB - Virtual size: 79KB

.data Size: 78KB - Virtual size: 1.3MB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 80KB - Virtual size: 79KB

.data
Size: 78KB - Virtual size: 1.3MB

.rsrc
Size: 9KB - Virtual size: 9KB