6c901db5687c46bd94dfd022cb5f0f22b8dbc35db47ab579c0148c4c8080f205

Sharing

Copy URL Twitter E-mail

General

Target

6c901db5687c46bd94dfd022cb5f0f22b8dbc35db47ab579c0148c4c8080f205
Size

222KB
MD5

5e4c8fe2cf3172361b10ada50777270a
SHA1

a25ff39fe13a18ff7d83776464e84437bfe10568
SHA256

6c901db5687c46bd94dfd022cb5f0f22b8dbc35db47ab579c0148c4c8080f205
SHA512

6a81e403613d9cb3cd876d6bdc1eb715876cc592e3e98d1ad24fd34eb43268ad1e84d918d41a68f5d63aa422b00c45dc66881ffcfa4fd700d7939166e8d19732
SSDEEP

3072:8ASXEqtDUU2NrkybueaJRs952hqG3Tp9TM90C2P:8t/tYtNgyb8JKnsL9TM9u

Score

N/A

Malware Config

Signatures

Files

6c901db5687c46bd94dfd022cb5f0f22b8dbc35db47ab579c0148c4c8080f205
.exe windows x86

a8e2fe6e209cd2239a1e28ed3dd4208e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

AdjustTokenPrivileges
CloseServiceHandle
ControlService
CreateServiceA
DeleteService
LookupPrivilegeValueA
OpenProcessToken
OpenSCManagerA
OpenServiceA
StartServiceA

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
DeleteDC
DeleteObject
GetDeviceCaps
GetStockObject
GetTextExtentPoint32A
GetTextMetricsA
SelectObject
SetBkColor
SetBkMode
SetTextAlign
SetTextColor

kernel32

CloseHandle
CreateFileA
CreateProcessA
CreateThread
DeleteFileA
EnumResourceNamesA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
GetCommandLineA
GetCurrentThreadId
GetExitCodeThread
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetStringTypeA
GetVersionExA
GetVolumeInformationA
GlobalAlloc
GlobalFree
GlobalReAlloc
LoadLibraryA
MultiByteToWideChar
ReadFile
ResumeThread
SetEndOfFile
SetErrorMode
SetFilePointer
SetLastError
Sleep
SuspendThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForSingleObject
WideCharToMultiByte
WriteFile
CreateFileMappingA
CreateRemoteThread
DebugActiveProcess
DeviceIoControl
FindResourceA
FormatMessageA
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetThreadContext
GetWindowsDirectoryA
IsBadReadPtr
LoadLibraryExA
LoadResource
LockResource
MapViewOfFile
OpenProcess
OpenThread
ReadProcessMemory
SetThreadContext
SizeofResource
TerminateProcess
TerminateThread
UnmapViewOfFile
VirtualAllocEx
VirtualFreeEx
VirtualProtect
VirtualProtectEx
WriteProcessMemory
CreateToolhelp32Snapshot
Thread32First
Thread32Next
Module32First

ole32

CLSIDFromProgID
CoCreateInstance
CoInitialize
CoUninitialize
ProgIDFromCLSID

oleaut32

GetActiveObject
SafeArrayCreate
SysAllocStringByteLen
SysFreeString
SysStringByteLen
VariantClear
VariantCopy

user32

AttachThreadInput
CharLowerBuffA
CharNextA
CharUpperBuffA
CheckRadioButton
ClientToScreen
CreateAcceleratorTableA
CreateDialogIndirectParamA
CreateDialogParamA
CreateMenu
CreatePopupMenu
CreateWindowExA
DeleteMenu
DestroyAcceleratorTable
DestroyIcon
DestroyWindow
DialogBoxIndirectParamA
DispatchMessageA
DrawMenuBar
EnableWindow
EndDialog
FillRect
GetClassNameA
GetClientRect
GetDC
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetForegroundWindow
GetMenu
GetMenuItemInfoA
GetSysColor
GetSysColorBrush
GetWindowLongA
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
GetWindowThreadProcessId
InsertMenuItemA
IsDialogMessageA
IsWindow
LoadCursorA
LoadIconA
LoadImageA
MapDialogRect
MessageBoxA
PeekMessageA
PostMessageA
RedrawWindow
ReleaseDC
ScreenToClient
SendDlgItemMessageA
SendMessageA
SetCursor
SetFocus
SetForegroundWindow
SetMenu
SetMenuItemInfoA
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
SystemParametersInfoA
TranslateAccelerator
TranslateMessage
UpdateWindow
DialogBoxParamA
EnumChildWindows
EnumWindows
GetFocus
GetParent
IsIconic
EndTask

shell32

ExtractIconExA
ShellExecuteA

comctl32

InitCommonControls
ImageList_Create
ImageList_Destroy
ImageList_ReplaceIcon
ImageList_Remove
ImageList_GetIcon
ImageList_LoadImageA

psapi

EnumProcesses
EnumProcessModules
GetModuleFileNameExA
GetDeviceDriverFileNameA
EnumDeviceDrivers

Sections

.text
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.link
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

t�90F�
Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a8e2fe6e209cd2239a1e28ed3dd4208e

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

ole32

oleaut32

user32

shell32

comctl32

psapi

Sections

.text Size: 83KB - Virtual size: 82KB

.data Size: 10KB - Virtual size: 15KB

.link Size: 5KB - Virtual size: 5KB

.rsrc Size: 35KB - Virtual size: 35KB

.rloc Size: 4KB - Virtual size: 3KB

t�90F� Size: 83KB - Virtual size: 84KB

.text
Size: 83KB - Virtual size: 82KB

.data
Size: 10KB - Virtual size: 15KB

.link
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 35KB - Virtual size: 35KB

.rloc
Size: 4KB - Virtual size: 3KB

t�90F�
Size: 83KB - Virtual size: 84KB