6826fbb5e6d9392fb8d2d424b9d87a207ff2e039db20c395cd2ff0f13810f9a9

Sharing

Copy URL Twitter E-mail

General

Target

6826fbb5e6d9392fb8d2d424b9d87a207ff2e039db20c395cd2ff0f13810f9a9
Size

183KB
MD5

740e6a8376099e584eebf4883c5f1d80
SHA1

e232d9dea5b6149d6e94e1d4f985296376912b60
SHA256

6826fbb5e6d9392fb8d2d424b9d87a207ff2e039db20c395cd2ff0f13810f9a9
SHA512

33320308d8b44198f82c34214f7c9da18fb91f5a254c0441df4c6314519a17793329c55b29cd3fff3a6f902974e9d2a4fc6c708dca985a0de70c1d43148f96d1
SSDEEP

3072:brM4uh/OD08OTtK6gjZxS7oPXEI+X/LDbus8QSa6MD8KJFFjacOWozZk9:lUmI8atKzGcf+XTDb79SF/UdOZzZm

Score

N/A

Malware Config

Signatures

Files

6826fbb5e6d9392fb8d2d424b9d87a207ff2e039db20c395cd2ff0f13810f9a9
.exe windows x86

e11f14cb296af0af71d0e05dce3979fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSAStartup
WSACleanup

kernel32

GetModuleHandleA
GetLongPathNameA
GetModuleFileNameA
CloseHandle
ReleaseMutex
GetCommandLineA
WaitForSingleObject
FreeLibrary
CreateMutexA
GetCurrentDirectoryA
CompareStringA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
LoadLibraryA
GetProcAddress
CompareStringW
GetLocaleInfoW
GetLastError
GetEnvironmentVariableA
FindFirstFileA
FindNextFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
HeapAlloc
HeapFree
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetDriveTypeA
SetEnvironmentVariableA
SetCurrentDirectoryA
GetStartupInfoA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
DeleteFileA
GetVersionExA
HeapDestroy
HeapCreate
RtlUnwind
GetFullPathNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
WriteFile
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
ReadFile
InterlockedDecrement
InterlockedIncrement
CreateFileA
SetFilePointer
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
GetFileAttributesA
GetExitCodeProcess
CreateProcessA
Sleep
SetEndOfFile
IsValidLocale

user32

FindWindowA
PostMessageA
wsprintfA
MessageBoxA

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyA

Exports

Exports

CreateInterface

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e11f14cb296af0af71d0e05dce3979fa

Headers

File Characteristics

Imports

wsock32

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 16KB - Virtual size: 24KB

.rsrc Size: 92KB - Virtual size: 92KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 16KB - Virtual size: 24KB

.rsrc
Size: 92KB - Virtual size: 92KB