6c215b72e9ad8543d290544182b4e23861f73dde939d6e4e3383645f6cdd5a14

Sharing

Copy URL Twitter E-mail

General

Target

6c215b72e9ad8543d290544182b4e23861f73dde939d6e4e3383645f6cdd5a14
Size

47KB
MD5

6c5cef0232e83c264a59038531007874
SHA1

18f6254f861e407c167807994e762bde341f1327
SHA256

6c215b72e9ad8543d290544182b4e23861f73dde939d6e4e3383645f6cdd5a14
SHA512

f02b6048d44f0a44ad481c9924936f0957c0fca21a1a81ced18877d1949978a35a9c45104d3ce344a4ed83f99d72c956f60431c73676a91cae201e2b8b057122
SSDEEP

768:Wu4QdX0IQTALqfJXPzkMIKtsi8x9P7pWxA/IGL0WFZnxE4wc7h3OwZhz2hV3+DO0:Wu4Qhvx6J/4Et9ggxAQI0mnO4wct5zEI

Score

N/A

Malware Config

Signatures

Files

6c215b72e9ad8543d290544182b4e23861f73dde939d6e4e3383645f6cdd5a14
.exe windows x86

c74fe5eb28fe92993a5a56201e7e63c0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rtm

RtmReferenceHandles
SearchInTable
RtmReleaseDestInfo
RtmGetEntityInfo
RtmBlockDeleteRoutes
RtmHoldDestination
RtmGetMostSpecificDestination
RtmAddNextHop
RtmGetEnumDests
MgmGetMfeStats
RtmGetExactMatchRoute
RtmDeleteRouteToDest
MgmGetMfe
RtmRegisterClient
RtmDereferenceHandles
MgmGroupEnumerationEnd
RtmWriteAddressFamilyConfig
MgmDeInitialize
RtmGetInstances
RtmGetListEnumRoutes
RtmBlockMethods
RtmGetEnumRoutes
RtmGetFirstRoute
BestMatchInTable
MgmInitialize
RtmCreateRouteList
RtmDeleteRouteTable
RtmCreateEnumerationHandle
RtmReadInstanceConfig
MgmGetNextMfe
MgmTakeInterfaceOwnership
RtmIsBestRoute
InsertIntoTable
RtmWriteInstanceConfig
RtmGetNextRoute

shlwapi

StrToIntW
PathFindNextComponentW
PathRemoveBackslashA
PathIsURLW
StrDupW
SHEnumValueW
UrlEscapeA
StrCatChainW
StrPBrkW
SHRegEnumUSValueA
StrCmpNIA
StrCmpNA
SHQueryValueExW
GetMenuPosFromID
PathStripToRootA
UrlGetPartA
StrTrimW
PathRemoveFileSpecA
SHRegDeleteEmptyUSKeyA
SHRegDuplicateHKey
PathUnExpandEnvStringsW
StrToInt64ExA
PathIsPrefixA
PathFindExtensionW
IntlStrEqWorkerW
PathIsPrefixW
wnsprintfW
SHRegEnumUSValueW
PathGetCharTypeW
PathUnmakeSystemFolderW
StrToIntA
PathFindFileNameA

kernel32

SetSystemTimeAdjustment
GetConsoleScreenBufferInfo
Module32Next
FindNextVolumeMountPointA
GlobalHandle
GetConsoleSelectionInfo
TzSpecificLocalTimeToSystemTime
lstrcatA
VirtualAlloc
GetComputerNameExA
GetThreadPriority
LCMapStringW
HeapCreate
GetFileType
GetModuleHandleA
CreateNamedPipeW
GetStartupInfoA
LoadLibraryA
SetLastError
RtlFillMemory
GetACP
FreeLibrary
VDMConsoleOperation
GetTempPathW
EnumCalendarInfoW
AddRefActCtx
CommConfigDialogW
TryEnterCriticalSection
GetPrivateProfileIntA
FindResourceA
SetConsoleOutputCP
GlobalAlloc
GetThreadPriorityBoost
RegisterWaitForSingleObjectEx
InitializeCriticalSection
CreateDirectoryExW
WriteProfileStringW
GetCommandLineA
GetExpandedNameA
LZCreateFileW

wsock32

GetNameByTypeA
htonl
connect
getprotobyname
WSASetBlockingHook
WSAAsyncGetProtoByNumber
SetServiceA
send
WSAAsyncGetHostByName
shutdown
gethostname
SetServiceW
WSAUnhookBlockingHook
listen
dn_expand
bind
closesocket
getpeername
WSApSetPostRoutine
GetAddressByNameW
select
getservbyport
NPLoadNameSpaces
WSAStartup
EnumProtocolsA
ntohl
setsockopt
WSACancelAsyncRequest

msvcrt

strstr
_wrename
_commit
_wcmdln
_wsystem
_atoi64
_fpieee_flt
wcstombs
strlen
wcstoul
_searchenv
clearerr
_callnewh
__RTDynamicCast
localtime
_putenv
_setmaxstdio
strncmp
_seh_longjmp_unwind
_mbsnextc
??4bad_typeid@@QAEAAV0@ABV0@@Z
fputwc
__setusermatherr
_unloaddll
fsetpos
__CxxRegisterExceptionObject
_finite
___lc_handle_func
__p___mb_cur_max
iswalnum
_tzset
_strdup
qsort
??_7__non_rtti_object@@6B@
_getdllprocaddr

user32

MessageBoxA
EndDialog

shell32

SHGetMalloc

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c74fe5eb28fe92993a5a56201e7e63c0

Headers

DLL Characteristics

File Characteristics

Imports

rtm

shlwapi

kernel32

wsock32

msvcrt

user32

shell32

Sections

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 7KB - Virtual size: 7KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 2KB - Virtual size: 1KB