6dfd4a12437cf38a4ecdb24891dbff464602fcbe435cf6c15a643637d7f4e1b0

Sharing

Copy URL

Twitter E-mail

General

Target

6dfd4a12437cf38a4ecdb24891dbff464602fcbe435cf6c15a643637d7f4e1b0
Size

7.4MB
MD5

7ecdf36bd30c2d9653ea31b6baf32910
SHA1

b1d6c01c397924f2324091261bb4f29156a58f0a
SHA256

6dfd4a12437cf38a4ecdb24891dbff464602fcbe435cf6c15a643637d7f4e1b0
SHA512

1c3402096ab086239e39931c1587ab7c31172faf6307aad396683e0ea7ec6df24f7dbc1b2307fa099fe5d66c592864563217aced68bb9a106978d8b1086b2c88
SSDEEP

98304:9ZZ/cgViav9TpaPDpgTDPgzPGw1Z83AVcxxqA6dfi//LXSH2IWhkUPRO3w8A:9jci9wbpgTD1w1Z83YcmBda//T/I4Rq

Score

N/A

Malware Config

Signatures

Files

6dfd4a12437cf38a4ecdb24891dbff464602fcbe435cf6c15a643637d7f4e1b0
.exe windows x86

2d328c5abe4a256052fb1546154d88bf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

advapi32

GetUserNameW

user32

CharUpperBuffW

Exports

Exports

\�캋�6�Ŧ�"�e��2~�-��bc\Xd^{�,6 ߥ��w�ZsZb\��hw�I�V��Aũ�}��8f��DM�Av'�@0��'�U~��J�+@��6G_ʳ|�lxG��7}d��8ϲ�/=_8Ę��)�5O��WX�u�k5�T�z�;��:W�a�,�^��}�If5C�7��#? =�+)��ʊ�1�G ��{R��׬�d.m��h��B�9Č�]{:,"�wʤ�C�iB��rjd�+m��毒��w@ʋ:m�E|r7�_d>A�8[��+d�� J?t]n�C�Sa��(�$Q�]�*�~��v�߭{.�x#��V��.��g�PhD�}�.��um-@e�UP�J�{�J��,.x>��@�)/�Շ��`�y�_��">%I�#`�(YR�аIN1O��k�Y��вe^1��SD?��g�� +��%��TkA��7��S/��)̣,/^ ��X�$@o��E�:F��R�be6�E9�k'bҎ ��H6��F�11��E��h��J\�'�J��A��6�(a��H�l�9�H��ʲZ+i8��Eܰ/7�&�C��R\.��)}-Y��X��H��8�Q��A��$��̉$!�I��B�ZC<u쵽��Ѯ��DsO��,�R#w,�c�^f5"ޤ�S�OY4��Wh��x��h�S��!˝�XV �>��8t�j�|�ʷ܁�ĥ��z"S��go� �;�%�t"^�]H�a;7��=6q�:u��cņ[�)�e.�޺�sm��d��Vb`o��4_5g8J��{ ܢd�n��37��"$�E�8!�ө�b�Q��xgf>O�9��C��(�P]�S��I:o��l��DA�at�� H\s�'lE9�͏]cõ-�w��$[-w��7OZ'$��?9��,sB��O��:��C�t e� ��x�#Z�%�Cw�MJ�R�Ѫ�u��>}ېa)9�_m)��d%��d��X{�)G+o��v�j��"B��;FPr�׸��l5.�4�G�D��2]P� O��"��Ҙ�M�; �E��7�qo4��-��]�T��9�Q�uen�W9�Mw�Լ��WLL��teŒ�4Z��N�r��]�R��/�8�.2mDƏ�=��TKH��bD��Bfe0m+bMu��,��Ż�Q�+��E�4�v/�.�2�r�!�+��<UtVM�hܢýQ~��E<t��T{�� `]��i� ��H]I;�8 �ՖXth<�$^��K�i�L��I*y��v��2+8ݲ'j H끘6-��*S��˪ń9*>Pwʔ��<�KԢ�� 7�5��W�,[��&�x^U>��}hN��19�.ci��݁�j��ݏ��e&�fL��g��R5�5x��~o�r�R�L�H|�]$.m��:��1��0�D��<��f��$��B�|@��E��@��b"�f��mE�,-M�r�lMO�#8h�G�s��Y��j��f�9�c��He��Ɲ_�`$�Ꝗ�� \Px9��3�F�Ā�$Zp�l��L�Q�Hf9��E��7�Ɋ�|�`�,7��ˋ��y��3��d��rbݽFR��&g�� fc�A�ȥ�}[��0K�x��K:��N[�d��#i4�Hm@)#�7 �'v> �\U*��ի��?� "pS!wz~��h�y6�\j-,c��l� �^7>��-tt%.�'OSEn��|�0L��s��Ħ�J��%��_��_9 K�[0�B[�X�U��r#�b<�i F��#i�&{�9�_9��( ̉I[b@�F��ފ�q��8@(��2��bۓ�2ecݦl��d<p]1�#,��~k�`Eop5E�˲�X��INĂ�72h_=\�uMP`�L�m�C�?�`8fW��mi_�@.��r��.��uY��3�Qk}��o��J(�K2 m�B(��n�T� qm�*�QE�� ;��p♠�bb��W�B��e9I��l�2�KV�MxL��ظa��lJD V��#�9�. �9'US8,��9�L<��r��3:D�,D9�V�%�׊5p7��ɄAt[3�b{V�s��͕J��;�P�!�P��JH��or�K� b�k=�]t ]3��OqO�>�d�2�8�u[��i�[H5��hՠ�QQi��F�f��ڴg{�}p�d��v�3��1��l��>��,5q��f끋��E.e��p�a:qTo^�)x�E��Fv玆�,��|��(X�o�굮�4'A�ҹ��W?�ؘ��$��x`R3��0p"U�t��H+��!�.1�9,i[�b\�іT� �W""��&vޟ�=��_}�eZ�T��A�%��:�$��WPLm*��I��-]�5.��5fN�E��X�Ov�l1d~��羂�"��¬��ya��בAH9�J�.�Ky�=I E��T�d1~��^�LQ��I�wжwMm.C�Al͜ԕжF|�٦wQ��r��6�_ �yu|ON��~K�&5J��!N��'��t�I��a��l �� N){4._G)@��K�pe$]ɬ��m��1�fV��`$��A�t�߄�\��0*NA7a�т=��X@{2�&54��IInw�ނ�:sIR��#%W�`'z�wS7�@X%蚝�L��e��㍺G��OC+�TqjZd-nzy��9��S�g��;��\y�G,k�b��Fˇν?��~u�{6�aK2O�g1�/L�`�8�#�zg*4��` =��*w�V�"h<c𲖆P}�|��+ɖo<��4�l� G�@w�.ևUW� ��R��!t�G��߯D�(�Dp��[ؚʔ��U�Tv��n�HU�/g��.�"[�h�3��!��

Sections

.text
Size: - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.k_3
Size: - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.y''
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cQ#
Size: 7.0MB - Virtual size: 7.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 402KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d328c5abe4a256052fb1546154d88bf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Exports

Exports

Sections

.text Size: - Virtual size: 41KB

.rdata Size: - Virtual size: 6KB

.data Size: - Virtual size: 5KB

.k_3 Size: - Virtual size: 4.0MB

.y'' Size: 1024B - Virtual size: 880B

.cQ# Size: 7.0MB - Virtual size: 7.0MB

.reloc Size: 1KB - Virtual size: 1KB

.rsrc Size: 402KB - Virtual size: 401KB

.text
Size: - Virtual size: 41KB

.rdata
Size: - Virtual size: 6KB

.data
Size: - Virtual size: 5KB

.k_3
Size: - Virtual size: 4.0MB

.y''
Size: 1024B - Virtual size: 880B

.cQ#
Size: 7.0MB - Virtual size: 7.0MB

.reloc
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 402KB - Virtual size: 401KB