b6bbdcd2f7bb8eb4ad691c8f028e39b8a353614c56f74eb57a99414566be2ab5

Sharing

Copy URL Twitter E-mail

General

Target

b6bbdcd2f7bb8eb4ad691c8f028e39b8a353614c56f74eb57a99414566be2ab5
Size

36KB
MD5

60f60e234028bc5b8a6ed6e08319b4e0
SHA1

5586131571427e6f744cf3a6a621bb986444dccc
SHA256

b6bbdcd2f7bb8eb4ad691c8f028e39b8a353614c56f74eb57a99414566be2ab5
SHA512

7345ca2010998040f85cb1270ccff4808264bd0cbe4766523a7a6341e2ff60a2666c479956c85cf2a93d0172e6b41f5a238353176e436c0e5ca7b30fc580bfe6
SSDEEP

768:jAW2ct6AUZd/VyehnnB0wPPvgMwiACHwOIBy8n9k/VQ:jAWxid/HhnB0yvgMRACGnz

Score

N/A

Malware Config

Signatures

Files

b6bbdcd2f7bb8eb4ad691c8f028e39b8a353614c56f74eb57a99414566be2ab5
.exe windows x86

a31dc1f118320e960396b1f73eb49fc2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
RegisterTraceGuidsW
UnregisterTraceGuids
TraceMessage

kernel32

LCMapStringW
GetProcAddress
LoadLibraryW
GetSystemDirectoryW
GetFileAttributesW
ExpandEnvironmentStringsW
FreeLibrary
LoadLibraryExW
SetThreadPreferredUILanguages
HeapSetInformation
GetModuleHandleW
WriteFile
GetStdHandle
WideCharToMultiByte
GetConsoleOutputCP
GetModuleFileNameW
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
GetLastError
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange

msvcrt

_unlock
__dllonexit
_lock
_onexit
?terminate@@YAXXZ
_except_handler4_common
_controlfp
_wtol
_wtoi
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
_callnewh
_amsg_exit
_initterm
malloc
exit
_XcptFilter
setlocale
memset
_vsnwprintf
__CxxFrameHandler3
??0exception@@QAE@XZ
?what@exception@@UBEPBDXZ
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
free
_CxxThrowException
_exit
_cexit
__wgetmainargs
towupper
__setusermatherr

wbemcomn

?Write@CMemoryLog@@QAEXJ@Z
?GetMemLogObject@@YGPAVCMemoryLog@@XZ

user32

LoadStringW

ole32

CoInitializeSecurity
CoInitializeEx
CoCreateInstance
CoUninitialize

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a31dc1f118320e960396b1f73eb49fc2

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

msvcrt

wbemcomn

user32

ole32

version

Sections

.text Size: 14KB - Virtual size: 13KB

.data Size: 512B - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 18KB - Virtual size: 21KB

.text
Size: 14KB - Virtual size: 13KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 18KB - Virtual size: 21KB