6d9e624bf5c7a882453788227f7f1834664267e4068a6301c7de86052dc121e8

Sharing

Copy URL Twitter E-mail

General

Target

6d9e624bf5c7a882453788227f7f1834664267e4068a6301c7de86052dc121e8
Size

184KB
MD5

03cc9d24d42d040ffc795ef47b823cf0
SHA1

672d7e886e37e42c6326dde11186795ee21509d3
SHA256

6d9e624bf5c7a882453788227f7f1834664267e4068a6301c7de86052dc121e8
SHA512

f4ff6429ecc14dce159e58dd0aebca5963a98f5e4b214526f6ba88f951474d4f9352c014dbc69eadcda6ec79f9508b5b37440e21a1dd8fea28ac6c2247308191
SSDEEP

3072:yleK7ZAG1lAglct86rXo1OxPJUR5IrCYNsG5d3drafA45Ym5v:yNZA1glctfA5o1tra4jm

Score

N/A

Malware Config

Signatures

Files

6d9e624bf5c7a882453788227f7f1834664267e4068a6301c7de86052dc121e8
.exe windows x86

903eb72a43f9e8a57ab1bdc6975f40d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
GetConsoleScreenBufferInfo
GetStdHandle
SetConsoleCtrlHandler
GetEnvironmentVariableA
IsDBCSLeadByte
SetConsoleMode
GetConsoleMode
ExitProcess
LocalFree
FormatMessageA
GetLastError
WriteFile
GetCurrentProcess
RtlUnwind
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
ReadFile
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
SetFilePointer
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
GetCurrentProcessId
CreateFileA
SetStdHandle
LCMapStringW
LCMapStringA
RaiseException
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
CloseHandle
GetProcAddress
VirtualAlloc
GetFileAttributesA
FlushFileBuffers
SetHandleCount
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetModuleHandleA
GetStartupInfoA
GetFileType
GetCommandLineA
GetVersion
GetTimeZoneInformation
Sleep
GetLocalTime
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
HeapReAlloc
TerminateProcess
GetModuleFileNameA
DuplicateHandle
WriteConsoleA
DeleteFileA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW

user32

CharToOemA

ntwdblib

ord74
ord160
ord157
ord23
ord94
ord29
ord28
ord24
ord31
ord51
ord43
ord48
ord71
ord159
ord70
ord75
ord58
ord93
ord76
ord66
ord53
ord34
ord17
ord78
ord64
ord11
ord77
ord18
ord124
ord129
ord121
ord25
ord49
ord30
ord32

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

h�
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

903eb72a43f9e8a57ab1bdc6975f40d7

Headers

File Characteristics

Imports

kernel32

user32

ntwdblib

Sections

.text Size: 68KB - Virtual size: 64KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 23KB

.rsrc Size: 4KB - Virtual size: 1KB

h� Size: 88KB - Virtual size: 88KB

.text
Size: 68KB - Virtual size: 64KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 23KB

.rsrc
Size: 4KB - Virtual size: 1KB

h�
Size: 88KB - Virtual size: 88KB