c6dac1f4f6e14e83ced73fd24854c578a30bb15fdd4444dcd09c0fccec75b839

Sharing

Copy URL Twitter E-mail

General

Target

c6dac1f4f6e14e83ced73fd24854c578a30bb15fdd4444dcd09c0fccec75b839
Size

326KB
MD5

982330754d0f508d8244325604348474
SHA1

d3ea30fd272d7b80888dc40cac7b0732f4f9dad8
SHA256

c6dac1f4f6e14e83ced73fd24854c578a30bb15fdd4444dcd09c0fccec75b839
SHA512

896abff64b2d512d8d9ccf2e7c5b0f1020034b5047837ef2d8f7f13c5ba711bee8eb7ff0f4bcb83a4414ba64f43095ba970c12d4299a2053bb2d025bc99004e7
SSDEEP

6144:xOl1kyCm932SDJdT4v21yNeqwze6hBrPox8nqVM+4Pjz7REwZzs+AfqU:cCC3dddT4vDNe9K6LEx8H+4LzzlE

Score

N/A

Malware Config

Signatures

Files

c6dac1f4f6e14e83ced73fd24854c578a30bb15fdd4444dcd09c0fccec75b839
.exe windows x86

13acb14c41663e7614f1cd6d33be298f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

ICCompressorFree
DrawDibRealize
DrawDibDraw
DrawDibBegin
ICCompressorChoose
DrawDibClose
DrawDibGetPalette
ICSeqCompressFrameEnd
ICSeqCompressFrameStart
ICImageDecompress
DrawDibOpen
ICSeqCompressFrame

user32

RegisterClassW
ClientToScreen
wsprintfA
EmptyClipboard
ReleaseDC
MessageBoxW
KillTimer
CreateWindowExW
BeginPaint
TranslateMessage
LoadStringA
GetMessageW
SendMessageW
SetWindowLongW
DefWindowProcW
wvsprintfW
OpenClipboard
LoadStringW
GetDC
GetClipboardData
SetTimer
GetClassInfoW
GetClientRect
UpdateWindow
LoadCursorW
EndPaint
CloseClipboard
SetRect
GetAsyncKeyState
GetWindowLongW
GetParent
wsprintfW
MsgWaitForMultipleObjects
SetCursor
MessageBeep
SetClipboardData
PostMessageW
InvalidateRect
EqualRect
DispatchMessageW
PeekMessageW
IsWindow

gdi32

GetDeviceCaps
SelectPalette
GetSystemPaletteEntries
GetClipBox
GetNearestPaletteIndex
SetWindowOrgEx
GetDCOrgEx
GetObjectW
CreatePalette
GetPaletteEntries
PatBlt
SelectObject
DeleteObject
RealizePalette
GetStockObject

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

winmm

mmioCreateChunk
waveInPrepareHeader
waveInStart
mmioDescend
waveInAddBuffer
waveInReset
mmioSeek
mmioRead
SendDriverMessage
mmioClose
OpenDriver
mciSendStringW
mmioWrite
mmioOpenW
waveInStop
mmioFlush
CloseDriver
timeGetTime
waveInClose
waveOutGetNumDevs
mmioAscend
waveInOpen
waveInUnprepareHeader

secur32

QuerySecurityContextToken

kernel32

GetProcessHeap
lstrcpyW
lstrcpynW
lstrcatA
GetACP
DeleteFileW
GlobalReAlloc
GetThreadPriority
DisableThreadLibraryCalls
GetModuleFileNameW
GetFullPathNameW
GetProcAddress
GetLastError
lstrlenA
GetPrivateProfileStringW
GlobalLock
lstrcpyA
IsBadReadPtr
CloseHandle
CreateEventW
LocalHandle
GetOverlappedResult
SetEvent
GetLocalTime
GetFileSize
lstrlenW
GlobalUnlock
MulDiv
IsBadStringPtrW
LocalUnlock
Sleep
QueryPerformanceFrequency
GlobalAlloc
LocalFree
GetCurrentThreadId
IsBadWritePtr
FreeLibrary
HeapFree
DeleteCriticalSection
WriteFile
IsBadCodePtr
HeapAlloc
GetModuleHandleW
GlobalMemoryStatusEx
GetCurrentThread
SetFilePointer
WaitForSingleObject
GlobalFree
SleepEx
lstrcmpiW
LeaveCriticalSection
SetThreadPriority
lstrcatW
GetFileAttributesW
WideCharToMultiByte
LocalLock
LocalAlloc
GetSystemInfo
InitializeCriticalSection
MultiByteToWideChar
GlobalHandle
VirtualFree
QueryPerformanceCounter
GetDiskFreeSpaceW
IsBadHugeReadPtr
LoadLibraryW
GetVersionExW
EnterCriticalSection
CreateThread
CreateFileW

ntdll

_ftol
atoi
NtAllocateVirtualMemory

advapi32

RegCreateKeyW
RegCloseKey
RegEnumKeyW
RegQueryValueExA
RegOpenKeyA
RegQueryValueExW
RegOpenKeyW

Sections

.text
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13acb14c41663e7614f1cd6d33be298f

Headers

DLL Characteristics

File Characteristics

Imports

msvfw32

user32

gdi32

version

winmm

secur32

kernel32

ntdll

advapi32

Sections

.text Size: 137KB - Virtual size: 137KB

.data Size: 6KB - Virtual size: 1.4MB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 74KB - Virtual size: 73KB

.rsrc Size: 107KB - Virtual size: 106KB

.text
Size: 137KB - Virtual size: 137KB

.data
Size: 6KB - Virtual size: 1.4MB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 74KB - Virtual size: 73KB

.rsrc
Size: 107KB - Virtual size: 106KB