6cba61687ef56202d82f1324b47ac58c6b8ef8fa5396fa0a50727f8e7f373dab

Sharing

Copy URL Twitter E-mail

General

Target

6cba61687ef56202d82f1324b47ac58c6b8ef8fa5396fa0a50727f8e7f373dab
Size

1.3MB
MD5

7ccb5342b9e9c0c5f418801bad00077f
SHA1

762838a42c3c4c605dfe4638ee28154108a30f6f
SHA256

6cba61687ef56202d82f1324b47ac58c6b8ef8fa5396fa0a50727f8e7f373dab
SHA512

bdbbf24c7f88188bcf21567168b21fb356222353a000b4e042e8e9d0a210e9e037f7bbfb5c0d7e08a9d97d588917d7a39bc6bc94ea3a111324ab7d8b3a6d0557
SSDEEP

12288:9BD1qBg6xW46Kx6D/OzJbiHYGep3YXNKJoqS3wATH4AIWQ/BHqA:8g6ARROzNFjYDkZ

Score

N/A

Malware Config

Signatures

Files

6cba61687ef56202d82f1324b47ac58c6b8ef8fa5396fa0a50727f8e7f373dab
.exe windows x86

6c2e231f63a627a377d4c7c56089e97c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleCtrlHandler
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetStdHandle
LoadLibraryA
GetOEMCP
GetACP
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetCPInfo
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
InitializeCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
GetStdHandle
WriteFile
TerminateProcess
ExitProcess
LCMapStringW
LCMapStringA
GetSystemInfo
VirtualProtect
VirtualQuery
InterlockedExchange
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
SetLastError
TlsAlloc
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
EnterCriticalSection
FatalAppExitA
LeaveCriticalSection
DeleteCriticalSection
GetVersionExA
FlushFileBuffers
GetLocaleInfoW
ReadFile
CompareStringA
CompareStringW
GetCommandLineW
GetVersionExW
WaitForSingleObject
ReleaseMutex
DeleteFileW
FindNextFileW
RemoveDirectoryW
FindFirstFileW
FindClose
SetFileAttributesW
MoveFileExW
GetWindowsDirectoryW
GetFileSize
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
SetFilePointer
SetEndOfFile
CreateFileW
CreateProcessW
GetExitCodeProcess
CloseHandle
GetCurrentThread
LocalAlloc
LocalFree
WideCharToMultiByte
GetCurrentProcess
lstrcmpiW
GetUserDefaultLCID
lstrcpynW
lstrcatW
Sleep
lstrlenW
CreateMutexW
GetLastError
lstrcmpW
OutputDebugStringW
MultiByteToWideChar
GetModuleHandleW
GetProcAddress
FreeLibrary
GetUserDefaultLangID
lstrcpyW
LoadLibraryW
GetSystemDirectoryW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetModuleFileNameA
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
RtlUnwind
GetModuleHandleA
SetEnvironmentVariableA

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

user32

FindWindowExW
IsWindowVisible
PostQuitMessage
PtInRect
MessageBoxW
SystemParametersInfoW
ReleaseDC
SendDlgItemMessageW
wvsprintfW
wsprintfA
ExitWindowsEx
GetClassNameW
MapWindowPoints
MapDialogRect
InvalidateRect
CallWindowProcW
LoadImageW
IsWindowEnabled
SetFocus
DestroyWindow
KillTimer
SetWindowTextW
GetClientRect
GetWindowRect
ScreenToClient
CheckDlgButton
MoveWindow
IsDlgButtonChecked
CheckRadioButton
EnableWindow
LoadStringW
SetWindowLongW
DialogBoxParamW
SetDlgItemTextW
EndDialog
SetTimer
GetDlgItem
IsWindow
GetDC
LoadCursorW
RegisterClassExW
CreateWindowExW
ShowWindow
UpdateWindow
DefWindowProcW
BeginPaint
EndPaint
GetParent
FindWindowW
SendMessageW
PostMessageW
EnumDisplaySettingsW
GetSystemMetrics
ChangeDisplaySettingsW
wsprintfW
GetWindowLongW

gdi32

CreateFontW
GetDeviceCaps
GetObjectW
CreateBrushIndirect
PatBlt
GetPixel
CreateCompatibleDC
CreateBitmap
CreateCompatibleBitmap
SetStretchBltMode
StretchBlt
BitBlt
SetBkColor
GetStockObject
CreateFontIndirectW
SelectObject
SetTextColor
GetTextExtentPoint32W
TextOutW
DeleteObject
CreateDCW
DeleteDC
SetBkMode

comctl32

PropertySheetW
CreatePropertySheetPageW

advapi32

RegDeleteValueW
RegFlushKey
RegEnumKeyExW
RegLoadKeyW
RegUnLoadKeyW
RegDeleteKeyW
ImpersonateSelf
OpenThreadToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
RevertToSelf
FreeSid
RegCreateKeyExW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegCloseKey

shell32

ShellExecuteW

Sections

.text
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PACK
Size: 144KB - Virtual size: 380KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6c2e231f63a627a377d4c7c56089e97c

Headers

File Characteristics

Imports

kernel32

version

user32

gdi32

comctl32

advapi32

shell32

Sections

.text Size: 232KB - Virtual size: 229KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 12KB - Virtual size: 48KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

PACK Size: 144KB - Virtual size: 380KB

.text
Size: 232KB - Virtual size: 229KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 12KB - Virtual size: 48KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

PACK
Size: 144KB - Virtual size: 380KB