6e1688438e0bda6d7d4383e530cad7675352b5db4aa6b8318bd777b85d98221e

Sharing

Copy URL Twitter E-mail

General

Target

6e1688438e0bda6d7d4383e530cad7675352b5db4aa6b8318bd777b85d98221e
Size

137KB
MD5

6b0b41c51f8d05a174c81a13287a8f6f
SHA1

074611eec5e90ab06c4732829478e0f217099475
SHA256

6e1688438e0bda6d7d4383e530cad7675352b5db4aa6b8318bd777b85d98221e
SHA512

f21cfa73b623a2f88a76a548d250e841946e6719c94eda561e5cf055d58aaa23162a116bc93a68ed0d8a839eff720ea4868679a963103d9e6a70817ca1b2f7cc
SSDEEP

1536:/tfTFUSq41b4vJUmAXjOA/gfy8uBzvoghFB55GEqTMGBTMeeyM3PEsiJXFPN95Kb:jlUSeroDoUt5HKMGheyGSJMKAUssLTY

Score

N/A

Malware Config

Signatures

Files

6e1688438e0bda6d7d4383e530cad7675352b5db4aa6b8318bd777b85d98221e
.exe windows x86

0060ab9a621a84d5eea7e5c88f5e76b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

_vsnwprintf

shlwapi

StrDupA
ord29
StrCmpW

shell32

ord165
SHCreateShellItem
SHGetSpecialFolderLocation

ws2_32

WSAStartup
WSAGetLastError
setsockopt
WSACleanup
WSASetLastError

kernel32

SetNamedPipeHandleState
lstrcpyW
GlobalMemoryStatus
FindResourceW
FreeLibrary
LoadResource
SystemTimeToFileTime
GlobalSize
SetEvent
GetProcessHeap
HeapDestroy
GetSystemInfo
GetStdHandle
FindFirstFileA
GetHandleInformation
GetProcessHeaps
SetStdHandle
GlobalFree
ResetEvent
FindNextFileA
GetFileTime
GetVersion
GlobalAddAtomW
LocalFree
GlobalReAlloc
lstrcpyA
LoadLibraryA
GetProcAddress
FindResourceExA
GetSystemDirectoryA
WaitForMultipleObjects
GetModuleHandleW
GetFileInformationByHandle
GetFileSizeEx

user32

BeginPaint
DrawTextExW
GetMessageExtraInfo
SetWindowRgn
GetWindowTextLengthW
EndPaint
MoveWindow
IsCharAlphaNumericA
SetClipboardData
UpdateWindow
ChangeClipboardChain
GetWindowPlacement
CreateIconIndirect
GetClassLongW
ScreenToClient
ClientToScreen
TranslateAcceleratorA
RedrawWindow
DestroyCursor
LoadAcceleratorsA
FindWindowExW
CreateWindowExW
SwitchToThisWindow
GetMessagePos
GetWindowLongW
GetClassWord
GetDC
TranslateMessage
LockWindowUpdate
ScrollDC
MessageBoxIndirectA
PeekMessageA
LoadCursorA
DispatchMessageW

gdi32

GetObjectW
CreateCompatibleDC
DescribePixelFormat
LPtoDP
GetDCPenColor
GetCharWidthA
Chord
GetStretchBltMode
DeleteObject
UnrealizeObject
GetDeviceCaps
RestoreDC
GetObjectType
GetRasterizerCaps
GetStockObject
SetTextJustification

advapi32

CloseEncryptedFileRaw
WriteEncryptedFileRaw
ObjectPrivilegeAuditAlarmA
ObjectCloseAuditAlarmA
AdjustTokenGroups
PrivilegeCheck
AccessCheckAndAuditAlarmA
SetTokenInformation

Exports

Exports

_Copy_Type_Data@20
_Find_Obj_By_Type@4
_Find_Type_By_Name@8
_Get_Type_List@12
_Open_Obj@8

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

GLOBAL
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0060ab9a621a84d5eea7e5c88f5e76b9

Headers

File Characteristics

Imports

ntdll

shlwapi

shell32

ws2_32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.code Size: 512B - Virtual size: 496B

.rdata Size: 3KB - Virtual size: 3KB

.edata Size: 512B - Virtual size: 552B

.edata Size: 512B - Virtual size: 192B

GLOBAL Size: 512B - Virtual size: 116B

.rsrc Size: 117KB - Virtual size: 117KB

.reloc Size: 1024B - Virtual size: 672B

.text
Size: 12KB - Virtual size: 12KB

.code
Size: 512B - Virtual size: 496B

.rdata
Size: 3KB - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 552B

.edata
Size: 512B - Virtual size: 192B

GLOBAL
Size: 512B - Virtual size: 116B

.rsrc
Size: 117KB - Virtual size: 117KB

.reloc
Size: 1024B - Virtual size: 672B