6ca5dd9aa208b50ec02363a1a79be2b8481ad2f95e55c76d491651cbe253bad4

Sharing

Copy URL

Twitter E-mail

General

Target

6ca5dd9aa208b50ec02363a1a79be2b8481ad2f95e55c76d491651cbe253bad4
Size

117KB
MD5

e3f4c24e54d08b6930af25480b273dc6
SHA1

ce3909de44bcee89009dcb9f902c18bc354b36df
SHA256

6ca5dd9aa208b50ec02363a1a79be2b8481ad2f95e55c76d491651cbe253bad4
SHA512

b936a8f8a6ea1008b7c551947397062c6fbe4f470f1dce505107d3246ff80c86537fee41a42a5d0fd75cdfa60fc75e59596a09869f65f3dd6717f0ad5ae2aa75
SSDEEP

3072:m8iL6pVpwLDi9k9ZW9nkv8dudL9Fvjsp3XzbN1KvR:HiLQDwLDOnkcudZxsFdwZ

Score

N/A

Malware Config

Signatures

Files

6ca5dd9aa208b50ec02363a1a79be2b8481ad2f95e55c76d491651cbe253bad4
.exe windows x86

ece8121f5635961c697a3f4546d5deee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

VkKeyScanExW
SetRect
DialogBoxParamW
EnumDisplaySettingsExW
AllowForegroundActivation
GetParent
SetSystemCursor
DisableProcessWindowsGhosting
IsDialogMessageW
DefWindowProcW
GetMenuStringA
IsWindowInDestroy
AppendMenuW
ClipCursor
SetActiveWindow

advapi32

RemoveUsersFromEncryptedFile
RegReplaceKeyA
GetSidIdentifierAuthority
AreAllAccessesGranted
GetEffectiveRightsFromAclW
I_ScSetServiceBitsW
CreateServiceA
RegQueryValueExW
GetSidSubAuthorityCount
SystemFunction014
EnumDependentServicesW
SetSecurityInfoExW
RegSetValueExA
RegEnumValueW
CryptContextAddRef
AdjustTokenPrivileges

gdi32

GetPixel
OffsetRgn
CreateColorSpaceA
EngBitBlt
GdiGetPageHandle
DPtoLP
ExtTextOutW
GetBkColor
ExtEscape
EngPaint
EnumFontFamiliesExA

kernel32

DeleteFileA
PeekConsoleInputW
InterlockedCompareExchange
CreateSemaphoreA
CompareStringW
SetHandleCount
VerSetConditionMask
GetShortPathNameW
FindResourceExA
RtlUnwind
GetConsoleMode
VirtualAlloc
SetConsoleMode
GetTimeZoneInformation
GetComputerNameA
Module32FirstW
GetSystemWindowsDirectoryW
_hread
GetExitCodeThread
CreateDirectoryExW
UpdateResourceA
ShowConsoleCursor
CancelIo
GetCommTimeouts
HeapUnlock
GetProfileStringW
EnumResourceTypesA
SizeofResource
GetThreadSelectorEntry
GetProcessHeap
GetLongPathNameW
GetProcessPriorityBoost
IsBadReadPtr
OpenThread
CreateToolhelp32Snapshot
FindNextFileA
SuspendThread
CreateJobObjectW
CreateFileA
ContinueDebugEvent
GetModuleFileNameW
SetupComm
ConnectNamedPipe
GetCurrentDirectoryA
GetConsoleAliasExesLengthW

Sections

BSS
Size: 34KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 35KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 27KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ece8121f5635961c697a3f4546d5deee

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

gdi32

kernel32

Sections

BSS Size: 34KB - Virtual size: 122KB

.bss Size: 35KB - Virtual size: 55KB

DATA Size: 27KB - Virtual size: 59KB

.text Size: 9KB - Virtual size: 9KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 1KB - Virtual size: 1KB

BSS
Size: 34KB - Virtual size: 122KB

.bss
Size: 35KB - Virtual size: 55KB

DATA
Size: 27KB - Virtual size: 59KB

.text
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 1KB - Virtual size: 1KB