6e46a9d68e5903319fc1aed9646f433a55f63e4caac4ffdc8eb91076a0bb090a

Sharing

Copy URL

Twitter E-mail

General

Target

6e46a9d68e5903319fc1aed9646f433a55f63e4caac4ffdc8eb91076a0bb090a
Size

99KB
MD5

6db7b59e51df1f1b80e6574fa6efd620
SHA1

bc84f091d614091bdb6136080b3a8cbecbed2839
SHA256

6e46a9d68e5903319fc1aed9646f433a55f63e4caac4ffdc8eb91076a0bb090a
SHA512

8960d74795d48d30b430bd4031b0eec674334766a196f64a0f1c0f42195ba72d7c7e29ac3a432320d079e9bda878a1c9d5ff2d3dbe6011807c90a11e466174f5
SSDEEP

1536:9RyS8IR6Ds69wS9zJCrMKPf02jgnjFFIpVEg:9rjUs6y6JAMW82jCkEg

Score

N/A

Malware Config

Signatures

Files

6e46a9d68e5903319fc1aed9646f433a55f63e4caac4ffdc8eb91076a0bb090a
.exe windows x86

3541bad7c90a982c4ad44521110f3958

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
ExitProcess
CreateProcessA
CopyFileA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
LoadResource
GetProcAddress
LoadLibraryA
GetStringTypeA
FlushFileBuffers
HeapReAlloc
SetStdHandle
SizeofResource
CreateFileA
WriteFile
CloseHandle
GetLocalTime
FreeLibrary
GetTimeZoneInformation
HeapAlloc
VirtualAlloc
HeapFree
HeapValidate
IsBadReadPtr
IsBadWritePtr
SetConsoleCtrlHandler
SetFilePointer
GetLastError
RtlUnwind
VirtualFree
HeapCreate
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
DebugBreak
GetStdHandle
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetFileType
HeapDestroy
GetStringTypeW

user32

SetTimer
CharUpperBuffA
GetMessageA

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExA
RegCreateKeyExA

wsock32

htons
connect
recv
gethostbyname
send
closesocket
WSACleanup
ioctlsocket
socket
WSAStartup
gethostname

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3541bad7c90a982c4ad44521110f3958

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wsock32

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 17KB - Virtual size: 29KB

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 17KB - Virtual size: 29KB

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 4KB