6b007bd32feb0d10eb4d0a63848a82d0e2231b1ffcd8fac33bbf1598afc0b963

Sharing

Copy URL Twitter E-mail

General

Target

6b007bd32feb0d10eb4d0a63848a82d0e2231b1ffcd8fac33bbf1598afc0b963
Size

88KB
MD5

6c865875b03ab43f5e1eb62560f7b7b0
SHA1

81ad090a5bb643fd6f58091b4eb04b48ae006d9b
SHA256

6b007bd32feb0d10eb4d0a63848a82d0e2231b1ffcd8fac33bbf1598afc0b963
SHA512

558d8c3214f6647c2504e78bb9cbcdb8253e1a364930c67391762a2f35c7f4ec2b4eee1531461a7a0bd5f51841eec46bcebc062630af6ac66b43c2b6439c68e6
SSDEEP

1536:wfFDQy4rgECriy0WzKHBQsQJzN17wli8a7TfTe3hP3bXB2nm6oRBk5Rd+l+J:IpziVNHBiJ172i8bP3bxhHfiv+li

Score

N/A

Malware Config

Signatures

Files

6b007bd32feb0d10eb4d0a63848a82d0e2231b1ffcd8fac33bbf1598afc0b963
.exe windows x86

bbbf745599d8fdf8ef0b3fa777559017

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetFileSize
CreateFileW
WriteFile
ReadFile
SetFilePointer
GetShortPathNameW
GetEnvironmentVariableW
GetProcAddress
LoadLibraryW
OpenSemaphoreW
CreateSemaphoreW
CreateEventW
OpenEventW
CreateDirectoryW
GetModuleFileNameW
ExitProcess
SetEvent
WideCharToMultiByte
GetSystemInfo
lstrcatW
GetVersionExW
GetComputerNameW
CreateMutexW
CreateThread
FindClose
FindNextFileW
FindFirstFileW
WaitForMultipleObjects
OpenMutexW
ExitThread
GetTempPathW
CreateProcessW
ResumeThread
SuspendThread
MultiByteToWideChar
WaitForSingleObject
ReleaseMutex
ReleaseSemaphore
GetLastError
Sleep
GetTickCount
EnterCriticalSection
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
RtlUnwind
HeapAlloc
HeapFree
TerminateProcess
GetCurrentProcess
GetFileAttributesW
GetTimeZoneInformation
GetSystemTime
GetLocalTime
InterlockedDecrement
InterlockedIncrement
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
HeapSize
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FlushFileBuffers
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
LCMapStringA
LCMapStringW
GetACP
GetOEMCP
LoadLibraryA
SetEndOfFile
GetStringTypeA
GetStringTypeW
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA

advapi32

RegSetValueExW
GetUserNameW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
IsTextUnicode

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bbbf745599d8fdf8ef0b3fa777559017

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 16B

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 16B