e6953a0cb32eed2e54e25817d450341ce961c6957526ca84a98427b764a97a99

Sharing

Copy URL Twitter E-mail

General

Target

e6953a0cb32eed2e54e25817d450341ce961c6957526ca84a98427b764a97a99
Size

360KB
MD5

6802917598cbf93feebb5d97173326a0
SHA1

f1cf4ef597f5cf20723733517cbebd26a393de01
SHA256

e6953a0cb32eed2e54e25817d450341ce961c6957526ca84a98427b764a97a99
SHA512

7ff206559cb6824cb5f23a0b0d667c82df40ce1aa637acf22a4443c25f0d3328af5f35715a7b31f673725ee86cf3dd3584d0c8cfa625561f7c968b033b560fe6
SSDEEP

6144:GvaqboalpFUBrrBmChU7dJg1AVIQYMJag8WWPcOOA:GvaqboKXUhrBmO8dm1Aq3gfWP6

Score

N/A

Malware Config

Signatures

Files

e6953a0cb32eed2e54e25817d450341ce961c6957526ca84a98427b764a97a99
.exe windows x86

607ae2f6f89c379c915f9db48d302888

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
GetLogicalDriveStringsW
WritePrivateProfileSectionA
GetSystemWindowsDirectoryW
GetProfileStringW
GetProfileSectionA
WaitForSingleObject
GetComputerNameW
UnlockFile
SetEvent
OpenSemaphoreA
LockFile
ConnectNamedPipe
GetModuleHandleW
UnlockFileEx
ExpandEnvironmentStringsA
GetPrivateProfileStringW
SetFileTime
GetWindowsDirectoryA
VirtualQueryEx
WriteFile
GetSystemTimes
GetDriveTypeA
GetProcessTimes
OpenProcess
GetSystemDirectoryW
SetFileShortNameW
GetVolumeInformationA
GlobalFindAtomA
VirtualFreeEx
CopyFileW
GetPrivateProfileStructW
GetSystemPowerStatus
SizeofResource
CreateEventA
GetProcessHandleCount
GetSystemWindowsDirectoryA
GetSystemTimeAdjustment
GetVersionExW
InitAtomTable
GetFileAttributesA
GetExitCodeProcess
lstrcpynW
TransactNamedPipe
WritePrivateProfileStructW
GetNamedPipeInfo
IsProcessorFeaturePresent
CreateSemaphoreA
GetFileAttributesW
GetBinaryTypeA
WritePrivateProfileSectionW
GetAtomNameW
FileTimeToSystemTime
GetMailslotInfo
ReadFile
GetModuleFileNameW
GetSystemDirectoryA
GetTimeZoneInformation
CreateFileW
GetThreadPriorityBoost
GetBinaryTypeW
GetEnvironmentVariableA
lstrcmpW
lstrlenW
ReleaseSemaphore
CreateMailslotW
WritePrivateProfileStringW
DisconnectNamedPipe
VirtualUnlock
FlushFileBuffers
GetTempPathW
GetShortPathNameA
InterlockedExchange
GetFileSizeEx
GetStdHandle
FindFirstFileA
GetLogicalDriveStringsA
OpenMutexW
GetHandleInformation
SetMailslotInfo
GetLongPathNameW
lstrcmpiA
GetLongPathNameA
VirtualAlloc
MoveFileW
CopyFileA
LockFileEx
VirtualProtectEx
SetFileAttributesA
VirtualAllocEx
GetProcessVersion
GetDiskFreeSpaceW
GetPrivateProfileStringA
ResetEvent
OpenWaitableTimerA
GetAtomNameA
OpenThread
OpenMutexA
CreateSemaphoreW
GetProcessId
GetProcessWorkingSetSize
InterlockedExchangeAdd
OpenWaitableTimerW
CreateFileMappingA
GetFileType
WritePrivateProfileStringA
MoveFileA
CreateFileMappingW
AddAtomW
GlobalMemoryStatusEx
CreateEventW
OpenEventA
GetProfileStringA
GetDiskFreeSpaceA
VirtualLock
AddAtomA
DeviceIoControl
GetPrivateProfileStructA
SetNamedPipeHandleState
GlobalFindAtomW
CreatePipe
GetModuleFileNameA
GetPrivateProfileSectionNamesA
GetThreadPriority
lstrcmpiW
GetModuleHandleA
GetProcessShutdownParameters
CreateWaitableTimerW
CreateMutexA
GetProcessAffinityMask
GetPrivateProfileSectionA
CreateMailslotA
VirtualProtect
GetCurrentDirectoryA
GetFileTime
OpenEventW
GetSystemRegistryQuota
GetShortPathNameW
OpenSemaphoreW
ReleaseMutex
SetFileShortNameA
GetVersionExA
FindAtomW
CloseHandle
GetWindowsDirectoryW
FileTimeToLocalFileTime
DeleteFileW
DeleteAtom
GetFileInformationByHandle
CreateWaitableTimerA
GetPrivateProfileSectionW
GetThreadTimes
GetTempPathA
GetProfileSectionW
SetFileAttributesW
DeleteFileA
GetVolumeInformationW
ExpandEnvironmentStringsW
LocalFileTimeToFileTime
InterlockedDecrement
SystemTimeToFileTime
InterlockedIncrement
LoadResource
FindResourceW
SetErrorMode
GetProcessIoCounters
SetEndOfFile
lstrcpynA
VirtualQuery
GetDriveTypeW
MapViewOfFile
PeekNamedPipe
WritePrivateProfileStructA
lstrlenA
SetFilePointer
FindFirstFileW
lstrcmpA
FindResourceA
CreateMutexW
GlobalDeleteAtom
GetFileSize
CreateFileA
DosDateTimeToFileTime
GetPrivateProfileSectionNamesW
FileTimeToDosDateTime
PulseEvent
GetThreadContext
GetEnvironmentVariableW
GetCurrentDirectoryW
GetComputerNameA

user32

IsChild
LoadStringA
LoadIconA
LoadCursorW
GetDC
LoadAcceleratorsW
RegisterClassExW
RegisterClassExA
LoadStringW
LoadAcceleratorsA
ShowWindow
IsWindow
RegisterClassW
UpdateWindow
LoadCursorA
RegisterClassA
SetActiveWindow
IsMenu
DestroyWindow
LoadIconW

advapi32

CryptReleaseContext
CryptGetKeyParam
RegEnumKeyW
RegCreateKeyW
CryptDeriveKey
CryptSetProvParam
CryptAcquireContextW
CryptGetHashParam
CryptSetHashParam
RegDeleteKeyA
RegDeleteKeyW
RegCreateKeyA
CryptGetProvParam
RegDeleteValueW
FileEncryptionStatusA
CryptGenRandom
RegDeleteValueA
CryptEncrypt
EncryptFileA
CryptCreateHash
FileEncryptionStatusW
CryptGenKey
CryptDestroyKey
DecryptFileA
RegEnumKeyA
CryptDecrypt
CryptGetUserKey
EncryptFileW
CryptHashData
DecryptFileW

shell32

SHGetSpecialFolderPathW
SHGetFolderPathW
SHGetSpecialFolderPathA
SHGetFolderPathA

msvcrt

_CIexp
memset
_CIcosh
_CIcos
_CIlog
_CIsinh
_CIsin
_CIsqrt
_CIfmod
_CIpow

Sections

.text
Size: 340KB - Virtual size: 340KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

607ae2f6f89c379c915f9db48d302888

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

msvcrt

Sections

.text Size: 340KB - Virtual size: 340KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 340KB - Virtual size: 340KB

.rsrc
Size: 16KB - Virtual size: 16KB