6ec1cd65e23075cd0ed1d6808b7337d94d0e6c0872bd2178ffdc8bd5325e0177

Sharing

Copy URL Twitter E-mail

General

Target

6ec1cd65e23075cd0ed1d6808b7337d94d0e6c0872bd2178ffdc8bd5325e0177
Size

109KB
MD5

684c48e841377415c5b88dbec54cb56d
SHA1

c2c5f08d7148b89be8ff169e7b73e660cdf0e801
SHA256

6ec1cd65e23075cd0ed1d6808b7337d94d0e6c0872bd2178ffdc8bd5325e0177
SHA512

5652a161157a0fd722cbf279c21595f9ea631748701c0b79fff642921b0dd3589262fb013b92283ef505edbb7671bc33531b8c1713c357e0fca80ff143d28e3d
SSDEEP

1536:ue6ZH7ttv729uGzKv76iVUMY8BkZESf4mO6qogLrq3ks3wCXd96ovk4/eqKUamA1:j6ZPgW75VUMYnqBa02t967n1+CSE

Score

N/A

Malware Config

Signatures

Files

6ec1cd65e23075cd0ed1d6808b7337d94d0e6c0872bd2178ffdc8bd5325e0177
.exe windows x86

539afc0678cf981c559b620d04fe5bb0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiW
VirtualProtectEx
GetCurrentProcessId
RtlUnwind
TerminateProcess
CreateProcessW
SetEnvironmentVariableA
GetFileAttributesW
FileTimeToDosDateTime
CreateDirectoryA
GetCPInfo
GetNumberFormatA
SetThreadLocale
UnhandledExceptionFilter
GetCommandLineA
GetSystemTime
CreateFileMappingA

msvcrt

_initterm
__p___initenv
_controlfp
_adjust_fdiv
_exit
__getmainargs
strlen
__setusermatherr
_except_handler3
strcpy
__p__fmode
fprintf
free
__p__commode
fopen
_XcptFilter
__dllonexit
strncmp
strncpy
fputs
__set_app_type
sqrt
calloc

comdlg32

GetOpenFileNameA

user32

DispatchMessageA
SetWindowsHookExA
RemoveMenu
SetDlgItemTextA
GetMenuStringA
DefWindowProcA
TranslateMessage
DrawTextA
SetForegroundWindow
DialogBoxParamA
IsWindow
SetActiveWindow
IsWindowVisible
GetScrollInfo
GetCapture

gdi32

EnumMetaFile
GetClipRgn
BitBlt
GetCurrentObject
FillPath
GetTextExtentPoint32W
SetTextColor
GetSystemPaletteEntries
CreateRectRgnIndirect
DeleteObject
AddFontResourceA
PtVisible
CreateFontIndirectA
GetPixel

advapi32

AddAccessAllowedAce
RegDeleteKeyW
SetSecurityDescriptorDacl
DeregisterEventSource
CryptCreateHash
RegOpenKeyExA
RegQueryInfoKeyW
InitiateSystemShutdownA
RegOpenKeyW
QueryServiceStatus
RegDeleteKeyA

ole32

OleIsCurrentClipboard
GetRunningObjectTable
CoInitializeSecurity
CoFreeUnusedLibraries
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoInitialize
OleFlushClipboard
CLSIDFromString
PropVariantClear

comctl32

ImageList_BeginDrag
ImageList_SetDragCursorImage
InitCommonControls
ImageList_GetImageInfo
ImageList_Draw
ImageList_DragShowNolock
ImageList_DragLeave
ImageList_GetIconSize
ImageList_Replace
DestroyPropertySheetPage
CreateStatusWindowA
ImageList_SetBkColor
ImageList_Add
ImageList_Read

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

539afc0678cf981c559b620d04fe5bb0

Headers

File Characteristics

Imports

kernel32

msvcrt

comdlg32

user32

gdi32

advapi32

ole32

comctl32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 9KB - Virtual size: 46KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 9KB - Virtual size: 46KB

.rsrc
Size: 20KB - Virtual size: 20KB