6ece65f296650828baceb6259c5be6455227278d55af2a75ac81e086699a9160

Sharing

Copy URL Twitter E-mail

General

Target

6ece65f296650828baceb6259c5be6455227278d55af2a75ac81e086699a9160
Size

1.2MB
MD5

03e6638cce2603be4a5c644c5ce13e40
SHA1

1434652fae1a832cd04b215c690e05e3f00c6b76
SHA256

6ece65f296650828baceb6259c5be6455227278d55af2a75ac81e086699a9160
SHA512

ec96587853ac1aad0a8e1121b7d3d60ea7e29623414e853e3c414dcf9634c463f8aeb5cceae189751435c7c357cd5220f8c89daacab87910803542466838c10c
SSDEEP

24576:RdEvkvmWzOKPW6ZTnEsO008KQq7tfDkFMeU:7tPW6ZrEs49Qstb8q

Score

N/A

Malware Config

Signatures

Files

6ece65f296650828baceb6259c5be6455227278d55af2a75ac81e086699a9160
.exe windows x86

d74a9b5774d9c5df0b6cbbca4a07499e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpSendRequestExW
HttpOpenRequestW
InternetSetOptionW
HttpEndRequestW
InternetCheckConnectionW
HttpSendRequestW
HttpQueryInfoW
InternetOpenUrlW
InternetWriteFile
InternetCrackUrlW
InternetOpenW
InternetReadFile
InternetConnectW
InternetCloseHandle

kernel32

GlobalAlloc
LoadLibraryW
LockResource
GlobalFree
FindResourceW
GlobalLock
SizeofResource
GlobalUnlock
LoadResource
MultiByteToWideChar
GetTempPathW
GetTempFileNameW
GetExitCodeProcess
WriteFile
GetFileAttributesW
WaitForSingleObject
GetLongPathNameW
GetModuleFileNameW
CreateFileW
GetUserDefaultLangID
LocalFree
LocalAlloc
lstrlenW
GetProcessHeap
HeapAlloc
HeapFree
FreeLibrary
ExpandEnvironmentStringsW
CopyFileW
CreateToolhelp32Snapshot
InterlockedIncrement
LoadLibraryA
GetComputerNameW
Process32FirstW
lstrcmpiW
GetCurrentProcessId
InitializeCriticalSection
LoadLibraryExW
InterlockedDecrement
DeleteCriticalSection
Process32NextW
FreeResource
GetACP
WideCharToMultiByte
CreateDirectoryW
FindClose
FindFirstFileW
FindNextFileW
ReadFile
GetFileSize
SetFilePointer
SetEndOfFile
ReadProcessMemory
ReleaseMutex
CreateMutexW
GetTickCount
GetWindowsDirectoryW
SetFileAttributesW
GetFullPathNameW
MoveFileExW
MoveFileW
CreateThread
ExitThread
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapReAlloc
GetThreadLocale
GetLocaleInfoA
InterlockedExchange
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
GetVersionExA
RtlUnwind
HeapDestroy
HeapCreate
HeapSize
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
ExitProcess
GetStdHandle
GetModuleFileNameA
WriteProcessMemory
VirtualFreeEx
CloseHandle
GetCommandLineA
OpenProcess
VirtualAllocEx
Sleep
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
DeleteFileW
RemoveDirectoryW
GetLastError
GetPrivateProfileStringW
WritePrivateProfileStringW
GetCurrentThreadId
RaiseException
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
LCMapStringA
LCMapStringW
SetLastError
GetCurrentProcess
FlushInstructionCache
GetVersionExW
GetModuleHandleW
GetProcAddress
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetStartupInfoA

user32

EnableWindow
GetActiveWindow
ShowWindow
GetWindow
GetMonitorInfoW
MonitorFromWindow
GetTopWindow
GetClientRect
SetWindowTextW
UnregisterClassA
SetDlgItemTextW
GetParent
BringWindowToTop
MapWindowPoints
MessageBoxW
GetWindowRect
PeekMessageW
CreateDialogParamW
CharNextW
SetCursor
PostQuitMessage
SetPropW
ScreenToClient
RegisterClassW
IsWindowVisible
EndPaint
TranslateMessage
DestroyWindow
GetWindowThreadProcessId
SystemParametersInfoW
DispatchMessageW
GetClassNameW
GetMessageW
BeginPaint
FindWindowExW
EnumWindows
UnregisterClassW
InvalidateRect
GetPropW
SetWindowPos
CallWindowProcW
GetClassInfoExW
GetDC
DefWindowProcW
SetMenuDefaultItem
TrackPopupMenu
LoadMenuW
SetWindowLongW
RegisterClassExW
SetForegroundWindow
LoadImageW
GetCursorPos
PostMessageW
GetSubMenu
RegisterWindowMessageW
LoadCursorW
CreateWindowExW
LoadIconW
GetDesktopWindow
KillTimer
SendMessageW
IsMenu
DestroyMenu
IsWindow
DestroyIcon
GetSystemMetrics
GetMenuDefaultItem
SetTimer
GetWindowLongW
ReleaseDC
SetWindowRgn
GetDlgItem

gdi32

CreateFontIndirectW
GetObjectW
BitBlt
GetPixel
CreateRectRgn
CombineRgn
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
SelectObject
DeleteDC

advapi32

RegSetValueExW
RegCloseKey
RegDeleteKeyW
RegQueryValueExW
RegQueryInfoKeyW
GetUserNameW
RegEnumKeyExW
RegDeleteValueW
RegCreateKeyExW
RegEnumKeyW
RegOpenKeyExW

shell32

SHFileOperationW
Shell_NotifyIconW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteW
ShellExecuteExW

ole32

CreateStreamOnHGlobal
CoCreateInstance
CoInitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoUninitialize

oleaut32

VarUI4FromStr

shlwapi

SHDeleteKeyW

comctl32

InitCommonControlsEx

iphlpapi

GetPerAdapterInfo
GetAdaptersInfo

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

dnsapi

DnsRecordListFree
DnsQuery_W

gdiplus

GdipDeleteGraphics
GdipCreateBitmapFromStream
GdipCloneImage
GdipCreateFromHDC
GdipFree
GdipDrawImageRectI
GdipAlloc
GdipGetImageHeight
GdipDisposeImage
GdipGetImageWidth
GdiplusShutdown
GdiplusStartup

Sections

.text
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 849KB - Virtual size: 852KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d74a9b5774d9c5df0b6cbbca4a07499e

Headers

File Characteristics

Imports

wininet

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

iphlpapi

version

dnsapi

gdiplus

Sections

.text Size: 295KB - Virtual size: 294KB

.rdata Size: 49KB - Virtual size: 49KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 849KB - Virtual size: 852KB

.text
Size: 295KB - Virtual size: 294KB

.rdata
Size: 49KB - Virtual size: 49KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 849KB - Virtual size: 852KB