e4ea88887753a936eaf3361dcc00380b88b0c210dcbde24f8f7ce27991856bf6

Sharing

Copy URL

Twitter E-mail

General

Target

e4ea88887753a936eaf3361dcc00380b88b0c210dcbde24f8f7ce27991856bf6
Size

93KB
MD5

f05dbb721b31f12466b6114adc2fce39
SHA1

ff7bb5b04b87c1e4b0f9eaf7988fd92d84e25c6b
SHA256

e4ea88887753a936eaf3361dcc00380b88b0c210dcbde24f8f7ce27991856bf6
SHA512

bd8669b5ad88a654a65db9579da4f2990d725261bee958ec0c7d6db3f112e170c50ea5541a81b5f1c3ff48419dfe50fc644d4da5b8d3b74983a8e16d8acb9553
SSDEEP

1536:y6aJHA5jXjYE30YS9PGD1uPVEWlrYtI/8CnP0qYmGl6HCIGJgTnr4n:y6aJHAdp3rsPAuPZ3ECnPYmGlWVTnr4

Score

1^/10

Malware Config

Signatures

Files

e4ea88887753a936eaf3361dcc00380b88b0c210dcbde24f8f7ce27991856bf6
.exe windows x86

b364ed804027915d457c27cb584b0fbe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleInitialize

kernel32

GetPrivateProfileSectionNamesW
ResumeThread
GetPrivateProfileStringW
Sleep
lstrcpyA
MoveFileExW
GetCurrentProcessId
CreateProcessW
CreateProcessA
TerminateJobObject
lstrcmpiW
GetTickCount
GetCommandLineW
GetCurrentProcess
TerminateProcess
lstrcmpA
SetFileAttributesW
ExitProcess
lstrcmpW
SetErrorMode
WaitForSingleObject
ExitThread
SetUnhandledExceptionFilter
FindFirstFileW
FindNextFileW
ExpandEnvironmentStringsW
CreateJobObjectW
TerminateThread
GetWindowsDirectoryW
MoveFileW
AssignProcessToJobObject
WaitForMultipleObjects
EnterCriticalSection
lstrcpynW
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
OpenEventA
GetModuleFileNameW
GetEnvironmentVariableA
UnmapViewOfFile
OpenProcess
CreateToolhelp32Snapshot
Process32NextW
SetEvent
Process32FirstW
CreateFileMappingA
SetEnvironmentVariableA
CreateEventA
GetEnvironmentVariableW
GetCurrentThreadId
ProcessIdToSessionId
WTSGetActiveConsoleSessionId
GetPrivateProfileIntW
WritePrivateProfileStringW
CreateDirectoryW
lstrcmpiA
lstrcpyW
GlobalUnlock
GetTempFileNameW
CopyFileW
GetFileSize
LocalFree
GlobalLock
GetProcAddress
CreateThread
CloseHandle
DeleteFileW
GlobalAlloc
lstrcatW
LoadLibraryA
GetLastError
FormatMessageW
GetModuleHandleA
lstrcatA
GetFileAttributesW
CreateFileW
LocalAlloc
lstrlenA
VirtualAlloc
WriteFile
SetFilePointer
lstrlenW
VirtualFree
ReadFile
FindClose
GetVersionExW

user32

GetKeyboardLayoutList
GetProcessWindowStation
GetDesktopWindow
GetUserObjectInformationW
EnumDisplayDevicesW
GetThreadDesktop
GetSystemMetrics
MonitorFromWindow
ToAscii
SetForegroundWindow
PtInRect
OpenDesktopW
MenuItemFromPoint
HiliteMenuItem
ActivateKeyboardLayout
PrintWindow
BringWindowToTop
GetTopWindow
CreateDesktopW
SetWindowLongA
VkKeyScanExA
GetKeyboardState
GetMenuItemCount
SetActiveWindow
SetWindowPos
GetDC
GetMenu
GetWindow
PostMessageW
GetWindowRect
SendMessageTimeoutW
SendMessageTimeoutA
ScreenToClient
WindowFromPoint
GetWindowPlacement
IsWindow
GetKeyboardLayout
MoveWindow
SetFocus
LoadKeyboardLayoutA
SystemParametersInfoA
GetParent
IsWindowVisible
SetThreadDesktop
GetWindowLongA
GetWindowTextW
OemToCharA
GetClassNameW
CharLowerA
GetWindowThreadProcessId
FindWindowExW
PostMessageA
wsprintfA
FindWindowW
EnumDesktopWindows
OpenClipboard
wvsprintfW
CloseClipboard
EmptyClipboard
wvsprintfA
GetClipboardData
SetClipboardData
IsClipboardFormatAvailable

gdi32

CreateSolidBrush
BitBlt
CreateCompatibleBitmap
SelectObject
Rectangle
DeleteObject
GetDIBits
DeleteDC
CreatePen
CreateCompatibleDC

advapi32

RegSetValueA
GetSidSubAuthorityCount
GetSidSubAuthority
RegQueryValueExW
RegDeleteValueA
RegDeleteValueW
RegOpenKeyExW
RegOpenKeyExA
RegSetValueExA
RegSetValueExW
RegQueryValueExA
RegCloseKey
RegQueryValueA
RegEnumKeyA
GetTokenInformation
OpenProcessToken

shell32

SHGetFolderPathW
ShellExecuteW

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b364ed804027915d457c27cb584b0fbe

Headers

DLL Characteristics

File Characteristics

Imports

ole32

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 5KB - Virtual size: 21KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 5KB - Virtual size: 21KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 4KB