6656c21f7bf6466ba89ebf9cd84f7a3d182a306e9ba0bf0b244772438fe05f9b

Sharing

Copy URL Twitter E-mail

General

Target

6656c21f7bf6466ba89ebf9cd84f7a3d182a306e9ba0bf0b244772438fe05f9b
Size

180KB
MD5

6f4408ce889acdd6deb2cb539c93dc20
SHA1

80dced48d58c54dcf442e32b3c817b730e698faa
SHA256

6656c21f7bf6466ba89ebf9cd84f7a3d182a306e9ba0bf0b244772438fe05f9b
SHA512

018c3d44e8c8cfd771cf7de2f6ad2c96d18c4f2897395885139566a427039015d1cd98f18f24c40d157435953dd020ba0bedaee30e138bd1d57a83a4adc79a96
SSDEEP

3072:M0prqG98gwmUXfT03awqr55TTUnrn5lfzgBx8AXt398JzSLITTvPSThE+XyVR:M0pvVUw3ir7uj8x8Ad39ZmT

Score

N/A

Malware Config

Signatures

Files

6656c21f7bf6466ba89ebf9cd84f7a3d182a306e9ba0bf0b244772438fe05f9b
.exe windows x86

c34fbdda741e293aecd688bf23ddf932

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetParent
GetKeyboardState
IsDlgButtonChecked
GetSystemMetrics
EndDialog
EnableWindow
IsWindowUnicode
LoadStringA
FrameRect
GetWindowRect
SetWindowWord
SetDlgItemTextA
GetDlgItem
DialogBoxParamA

kernel32

GetCurrentThreadId
GetFileSize
GetFullPathNameA
GetLastError
GetModuleHandleA
GetPrivateProfileStringA
GetProcAddress
GetShortPathNameA
GetCurrentThread
GetSystemDirectoryA
GetUserDefaultLangID
GetVersionExA
GetWindowsDirectoryA
LocalAlloc
MapViewOfFile
MultiByteToWideChar
OpenFile
OpenProcess
Process32First
Process32Next
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFilePointer
SetLastError
GetCurrentProcess
UnmapViewOfFile
VirtualAlloc
VirtualFree
WaitForSingleObject
WinExec
GetCurrentDirectoryA
GetComputerNameA
FreeLibrary
FormatMessageA
FindNextFileA
FindFirstFileA
FindClose
ExitProcess
DeleteFileA
CreateToolhelp32Snapshot
CreateProcessA
CreateFileMappingA
CreateFileA
CreateDirectoryA
CopyFileA
CloseHandle
GetStartupInfoA
TerminateProcess

advapi32

QueryServiceStatus
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
RevertToSelf
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
OpenServiceA
OpenSCManagerA
OpenProcessToken
LookupPrivilegeValueA
IsValidSecurityDescriptor
InitializeSecurityDescriptor
InitializeAcl
GetUserNameA
GetLengthSid
FreeSid
DeleteService
ControlService
CloseServiceHandle
AllocateAndInitializeSid
AdjustTokenPrivileges
AddAccessAllowedAce
RegCloseKey
OpenThreadToken

comdlg32

CommDlgExtendedError

shlwapi

PathIsDirectoryA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

oleaut32

SysFreeString
VarUI4FromStr

shell32

SHGetSpecialFolderLocation
ShellExecuteW
SHGetSpecialFolderPathA

ole32

CoUninitialize
CoInitialize

Exports

Exports

ADeviceInputPCM
FIsSpaceA
OpenTable
OpenWFileStreamW
ProcessBatch2

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c34fbdda741e293aecd688bf23ddf932

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

advapi32

comdlg32

shlwapi

version

oleaut32

shell32

ole32

Exports

Exports

Sections

.text Size: 37KB - Virtual size: 36KB

.rdata Size: 93KB - Virtual size: 92KB

.data Size: 32KB - Virtual size: 33KB

.rsrc Size: 14KB - Virtual size: 13KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 37KB - Virtual size: 36KB

.rdata
Size: 93KB - Virtual size: 92KB

.data
Size: 32KB - Virtual size: 33KB

.rsrc
Size: 14KB - Virtual size: 13KB

.reloc
Size: 3KB - Virtual size: 2KB