6c1aee199eb1a48f9c17aa4ee2654cb319a9dea07a431a38521946baac3c4941

Sharing

Copy URL Twitter E-mail

General

Target

6c1aee199eb1a48f9c17aa4ee2654cb319a9dea07a431a38521946baac3c4941
Size

412KB
MD5

7a3236b3e54b041090225409c4d30530
SHA1

a311f8f060e0522cfd5e7276a2a68d34ecbfa573
SHA256

6c1aee199eb1a48f9c17aa4ee2654cb319a9dea07a431a38521946baac3c4941
SHA512

686b24b95ac4769e91d7737c761e216d4f5bd84c2808ea7ce5215204422fb9128b03a018de4600198ae11902ee5c5d8bfc9b3e0f5584d00d40a66db42948f8a6
SSDEEP

12288:TFcgWWRRX5ncMlv/xaQUhV08qFIVoV9RxR05:CXWRRX1cMRxJUhVjUq5

Score

N/A

Malware Config

Signatures

Files

6c1aee199eb1a48f9c17aa4ee2654cb319a9dea07a431a38521946baac3c4941
.exe windows x86

0dc26bd6707766ec3702c547cb576d9e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeviceIoControl
InterlockedDecrement
CreateEventA
CreateFileA
GetVersion
DeleteFileA
Sleep
QueryPerformanceCounter
QueryPerformanceFrequency
SetConsoleCtrlHandler
GetVersionExA
SetEvent
InterlockedIncrement
CloseHandle
WideCharToMultiByte
FindResourceA
LoadResource
SizeofResource
LockResource
_lcreat
_hwrite
_lclose
GetLastError
FormatMessageA
WaitForSingleObject
LocalFree
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
GetOEMCP
GetACP
LoadLibraryA
HeapSize
GetSystemInfo
VirtualProtect
SetStdHandle
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
SetFilePointer
FlushFileBuffers
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
VirtualQuery
InterlockedExchange
HeapAlloc
HeapFree
RtlUnwind
HeapReAlloc
RaiseException
GetTimeZoneInformation
GetSystemTimeAsFileTime
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
GetStartupInfoA
GetCommandLineA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetCPInfo
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
ReadFile
WriteFile
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW

advapi32

ControlService
StartServiceA
QueryServiceStatus
OpenServiceA
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegOpenKeyA
RegCreateKeyExA
RegCloseKey
RegSetValueExA

shell32

SHGetSpecialFolderPathA

ole32

CoUninitialize
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
OleUninitialize
CoSetProxyBlanket

oleaut32

SysStringLen
GetErrorInfo
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElement
VariantChangeType
VariantClear
VariantInit
SysFreeString
SysAllocString

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0dc26bd6707766ec3702c547cb576d9e

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 84KB - Virtual size: 81KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 40KB - Virtual size: 37KB

.text Size: 260KB - Virtual size: 260KB

.text
Size: 84KB - Virtual size: 81KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 40KB - Virtual size: 37KB

.text
Size: 260KB - Virtual size: 260KB