6bed3adeb44d1a0195680ce3e0728fbe347d657b18f72a900e03a18ecac0200a

Sharing

Copy URL Twitter E-mail

General

Target

6bed3adeb44d1a0195680ce3e0728fbe347d657b18f72a900e03a18ecac0200a
Size

308KB
MD5

6ce211c3baf6dde694b7aa305f6a0710
SHA1

d2b757522827db870546f4e7e5ff7949d5c5c0bb
SHA256

6bed3adeb44d1a0195680ce3e0728fbe347d657b18f72a900e03a18ecac0200a
SHA512

d62f0f31bb3ff493b106023760d9ac5370e34f97244d48012006a3bb254bb90e4b2442b2d9cd4444e15a38a1c90d71ee7b507940ece6191fe05c196bd621e545
SSDEEP

6144:LEumgXuY5NCvwgxnDbO6gvyeml4rSoAyePYutJFzmA2Q2CMQa49m:TmgdNC7nG6TeE4WRL5tPzkQ

Score

N/A

Malware Config

Signatures

Files

6bed3adeb44d1a0195680ce3e0728fbe347d657b18f72a900e03a18ecac0200a
.exe windows x86

eb06bf4048d0e20409e71824054ebed4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SwitchToThread
GetTapePosition
IsProcessorFeaturePresent
OutputDebugStringW
ConnectNamedPipe
ExpandEnvironmentStringsW
LocalSize
SetEnvironmentVariableW
MoveFileExW
WriteConsoleA
GetCurrentThread
GetVersion
FreeEnvironmentStringsW
IsDBCSLeadByteEx
SetHandleInformation
GetProfileIntA
EnumResourceLanguagesA
_lcreat
TlsGetValue
PurgeComm
GlobalFindAtomA
SystemTimeToTzSpecificLocalTime
lstrcatW
WaitForMultipleObjectsEx
DebugBreak
GetConsoleOutputCP
CreateMailslotA
lstrcmpA
CompareFileTime
OpenEventW
GetLocaleInfoA
GetCurrentProcessId
PulseEvent
GetBinaryTypeA
LCMapStringA
GetConsoleTitleA
SetProcessWorkingSetSize
ReadConsoleOutputAttribute
DefineDosDeviceA
InitializeCriticalSectionAndSpinCount
GetLocalTime
FindFirstFileW
LocalReAlloc
VirtualAlloc
GetPriorityClass
FreeEnvironmentStringsA
FoldStringW
GetCompressedFileSizeW
WaitCommEvent
ScrollConsoleScreenBufferW
LoadResource
GetAtomNameA
GetConsoleTitleW
VirtualLock
CreateMutexA
ExitThread
CreateNamedPipeW
GetPrivateProfileStringW
WideCharToMultiByte
FindResourceW
SetCommBreak
FormatMessageW
RaiseException
GetShortPathNameW
GetVersionExA
GetModuleHandleA
CreateDirectoryW
SetConsoleTitleA
SetSystemTime
CreateSemaphoreA
CreateIoCompletionPort
GetStartupInfoA
GetDiskFreeSpaceA
FindNextChangeNotification
CreateConsoleScreenBuffer
SetThreadLocale
WriteProfileStringA
GlobalCompact
GetTimeZoneInformation
lstrcpynW
lstrcmpiW
_llseek
WriteProfileStringW
SetConsoleTextAttribute
WriteFileGather
IsValidCodePage
GetCurrentDirectoryW
FindFirstFileExW
WritePrivateProfileSectionW
DeviceIoControl
GetExitCodeThread
GetCPInfo
InterlockedExchangeAdd
UnlockFile
CreateFileMappingW
IsBadWritePtr
CallNamedPipeA
VirtualAllocEx
FileTimeToDosDateTime
GetThreadContext
VirtualProtect

user32

SendMessageTimeoutW
GetClassNameW
RegisterWindowMessageA
DefFrameProcA
mouse_event
SetCaretBlinkTime
BeginPaint
MapWindowPoints
GetTabbedTextExtentA
EndMenu
PostMessageW
AppendMenuA
GetActiveWindow
SetScrollRange
LoadCursorW
wsprintfA
IsWindow
CreateDesktopW
GetPropW
IsCharUpperA
GetGuiResources
GetDoubleClickTime
SetClipboardViewer

gdi32

GetTextColor
UnrealizeObject
RemoveFontResourceA
StartDocW
EnumObjects
GetClipBox
GetCharWidth32A
CopyEnhMetaFileA
BitBlt

comdlg32

ReplaceTextA
GetOpenFileNameW
FindTextA
ChooseFontW

advapi32

IsValidAcl
DeregisterEventSource
GetServiceKeyNameW
GetSidSubAuthority
ImpersonateNamedPipeClient
CryptDecrypt
ImpersonateLoggedOnUser
GetServiceDisplayNameA
RegOpenKeyW
RegSetValueExW
LockServiceDatabase
RegisterEventSourceW
RegisterServiceCtrlHandlerW
CreateProcessAsUserA
MapGenericMask
EnumServicesStatusA
EnumServicesStatusW
SetTokenInformation
RegDeleteValueA
DeleteService
RegQueryInfoKeyA
SetEntriesInAclW
RegCreateKeyA

shell32

SHGetPathFromIDListA
DuplicateIcon

ole32

ProgIDFromCLSID
StgCreateDocfileOnILockBytes
CreateOleAdviseHolder
RegisterDragDrop

oleaut32

SysAllocStringLen
SafeArrayGetLBound
VariantChangeType
CreateErrorInfo

shlwapi

SHSetThreadRef
PathAppendA
PathStripPathW
PathCommonPrefixW
StrTrimA
AssocCreate
PathIsDirectoryEmptyW
StrRetToStrW
PathAppendW
UrlCanonicalizeW
StrStrIW
SHStrDupW
StrCatBuffW

setupapi

SetupCloseInfFile
SetupDiOpenDevRegKey

msvcrt

__p__fmode
__setusermatherr
_controlfp
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
strlen
__p__commode
_adjust_fdiv
__set_app_type
_except_handler3

Sections

.text
Size: 292KB - Virtual size: 290KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

eb06bf4048d0e20409e71824054ebed4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

setupapi

msvcrt

Sections

.text Size: 292KB - Virtual size: 290KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 1KB

.text
Size: 292KB - Virtual size: 290KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 1KB