c6c30e26400b023dcd821f1c4bad971d302157dab13af2625929588a4eb21617

Sharing

Copy URL Twitter E-mail

General

Target

c6c30e26400b023dcd821f1c4bad971d302157dab13af2625929588a4eb21617
Size

160KB
MD5

5d85554911e2e6f2d4a7cdd04466f8c8
SHA1

e986ba055ad5f4db1cca59b88516814a90ee10d2
SHA256

c6c30e26400b023dcd821f1c4bad971d302157dab13af2625929588a4eb21617
SHA512

a27389e8e387266e61e26fe13c3995f390747aa02bf7d505e214ea4f707d86562fd02b2e1635d5dd09cd05b72b8fd4d5b86c8612a01331a62fbe1dbd006d23ee
SSDEEP

3072:3+B9QL2SNzlT/T5h2n4EkOi1viMDGpO4/tAiVHQQoT84IgyPILU8:3a9QL2QzlP34411qDj/XNQdP0QL

Score

N/A

Malware Config

Signatures

Files

c6c30e26400b023dcd821f1c4bad971d302157dab13af2625929588a4eb21617
.exe windows x86

6d3ae13d0fc3c654995a6693648ac2d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragQueryFileA
SHGetDiskFreeSpaceA
SHFileOperationA
SHGetFolderPathA

msvcrt

memmove
wcschr
sprintf
wcscspn
rand
atol
swprintf
sqrt
strlen
wcstol
calloc
exit
mbstowcs
malloc

shlwapi

PathIsDirectoryA
SHSetValueA
SHGetValueA
PathFileExistsA
SHDeleteValueA
PathGetCharTypeA
SHDeleteKeyA
SHStrDupA
SHQueryValueExA
SHQueryInfoKeyA

user32

CreateMenu
SetWindowLongA
SetWindowPos
SetCursor
GetActiveWindow
GetMenuItemInfoA
DrawTextA
GetClassLongA
CheckMenuItem
IsChild
EnumWindows
DefMDIChildProcA
EnableScrollBar
SetWindowTextA
GetCursor
SetTimer
CallWindowProcA
EnableWindow
GetFocus
DispatchMessageW
FindWindowA
CallNextHookEx
GetScrollInfo
HideCaret
GetCursorPos

comdlg32

ChooseColorA

comctl32

ImageList_Create
ImageList_DrawEx
ImageList_Destroy
ImageList_GetBkColor
ImageList_Write

gdi32

CreateBitmap
CreatePenIndirect

ole32

CLSIDFromString
GetHGlobalFromStream
CoGetMalloc
OleRun
MkParseDisplayName

version

GetFileVersionInfoA
VerQueryValueA

oleaut32

SafeArrayCreate
SysAllocStringLen
SafeArrayUnaccessData
SysReAllocStringLen
SysFreeString

ntdll

RtlDeleteCriticalSection
atol
NtWaitForSingleObject
wcscat
atoi

kernel32

LoadLibraryExA
FindFirstFileA
GetVersionExA
GetFileSize
GetLastError
SetEvent
GetCPInfo
GetOEMCP
LocalAlloc
SetHandleCount
GlobalDeleteAtom
WriteFile
WaitForSingleObject
ExitThread
LocalFree
lstrcpynA
LoadLibraryA
GetCurrentThreadId
GetACP
HeapAlloc
GetModuleHandleA
VirtualAllocEx

advapi32

RegOpenKeyA
GetUserNameA
RegEnumKeyA
RegDeleteKeyA

Sections

.CODE
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 121KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 512B - Virtual size: 38B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6d3ae13d0fc3c654995a6693648ac2d0

Headers

File Characteristics

Imports

shell32

msvcrt

shlwapi

user32

comdlg32

comctl32

gdi32

ole32

version

oleaut32

ntdll

kernel32

advapi32

Sections

.CODE Size: 32KB - Virtual size: 31KB

.init Size: 121KB - Virtual size: 197KB

.tls Size: 4KB - Virtual size: 4KB

INIT Size: 512B - Virtual size: 38B

.CODE
Size: 32KB - Virtual size: 31KB

.init
Size: 121KB - Virtual size: 197KB

.tls
Size: 4KB - Virtual size: 4KB

INIT
Size: 512B - Virtual size: 38B