6bc75c1868f9aa0a689d1cf04173cff3864cced4efe42504908615dce6907cdd

Sharing

Copy URL Twitter E-mail

General

Target

6bc75c1868f9aa0a689d1cf04173cff3864cced4efe42504908615dce6907cdd
Size

58KB
MD5

3df978f9a50d43d3795cbf7eeb03c028
SHA1

ec01d1c68f8f76ed5d82136e6a5523ba1d252171
SHA256

6bc75c1868f9aa0a689d1cf04173cff3864cced4efe42504908615dce6907cdd
SHA512

4a679343813abb91c35abc3522611db28d4d541b27b4dc831ea9c1db1df87afe3d481cb682e0e5303e89620d73a20508e66940dd20592995bd0d093f40f8f648
SSDEEP

1536:GS5/B4FzMDtrAiCu5IoZSAzcwf3MveTdXMLk:G6mdM5rP5IoZSAzcwf3MvwdXM

Score

N/A

Malware Config

Signatures

Files

6bc75c1868f9aa0a689d1cf04173cff3864cced4efe42504908615dce6907cdd
.exe windows x86

39ca950ca9c0bbcb0132469af66eeef2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
DeregisterEventSource
GetTokenInformation
IsWellKnownSid
OpenProcessToken
RegisterEventSourceA
ReportEventA

setupapi

SetupRenameErrorA
SetupUninstallOEMInfA

kernel32

CloseHandle
CompareStringA
CompareStringW
CreateEventA
CreateMutexA
CreatePipe
DefineDosDeviceA
DeleteCriticalSection
DeleteVolumeMountPointA
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstVolumeA
FindFirstVolumeW
FindNextVolumeA
FindNextVolumeW
FindVolumeClose
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceA
GetEnvironmentStringsA
GetEnvironmentStringsW
GetExitCodeProcess
GetFileInformationByHandle
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetLogicalDrives
GetOEMCP
GetProcessHeap
GetProcessTimes
GetProcessWorkingSetSize
GetShortPathNameA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDirectoryA
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetThreadTimes
GetTimeZoneInformation
GetUserDefaultLCID
GetVolumeInformationA
GetVolumeInformationW
GetVolumeNameForVolumeMountPointA
GetVolumePathNameA
GetWindowsDirectoryA
GlobalMemoryStatus
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LocalFree
MoveFileA
MultiByteToWideChar
OpenMutexA
PeekNamedPipe
QueryDosDeviceA
QueryDosDeviceW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReleaseMutex
ResetEvent
ResumeThread
RtlUnwind
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFilePointer
SetFilePointerEx
SetFileTime
SetHandleCount
SetHandleInformation
SetLastError
SetProcessShutdownParameters
SetStdHandle
SetUnhandledExceptionFilter
SetVolumeMountPointA
SizeofResource
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualFree
VirtualQuery
VirtualUnlock
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
lstrlenW

user32

OpenInputDesktop
OpenWindowStationA

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
CreatePen
DeleteDC
DeleteObject
GetCurrentObject
GetDeviceCaps
GetObjectA
GetStockObject
GetTextExtentPoint32W
GetTextMetricsA
LineTo
MoveToEx
SelectObject
SetMapMode
SetStretchBltMode
StretchBlt

shell32

CommandLineToArgvW
DragAcceptFiles
DragFinish
DragQueryFileA
SHBrowseForFolderW
SHChangeNotify
SHGetFileInfoA
SHGetFolderPathA
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderPathA
Shell_NotifyIconA
Shell_NotifyIconW

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 255B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39ca950ca9c0bbcb0132469af66eeef2

Headers

File Characteristics

Imports

advapi32

setupapi

kernel32

user32

gdi32

shell32

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 255B

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 255B

.rsrc
Size: 19KB - Virtual size: 18KB