649ea3c75c949857255007191616591e2d9ebd20553617769419433191ab902a

Sharing

Copy URL Twitter E-mail

General

Target

649ea3c75c949857255007191616591e2d9ebd20553617769419433191ab902a
Size

460KB
MD5

6fd249a33d7b898fe05712898c1fd2eb
SHA1

0f9d133bfc3af949bd15389d6ae45d3f2c27d4b0
SHA256

649ea3c75c949857255007191616591e2d9ebd20553617769419433191ab902a
SHA512

5804d4b6e04ffabb1918964dbdbdbd744824ce2b88159897db92b590ec0c055d10ba41d9a4276c1ca6e074cffc75a3230861c935ca9672c0bafe0394118b73c5
SSDEEP

12288:G5Lu18ubTV+8aj+kK0Mo06fYHODsiSXK4lUHYtBtRflSifC5:Go1fbTGjO0M16fk/fXK4aHY7R

Score

N/A

Malware Config

Signatures

Files

649ea3c75c949857255007191616591e2d9ebd20553617769419433191ab902a
.exe windows x86

6aeeb1c156774a860f70c7644e735f3c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateFontA
GetEnhMetaFileDescriptionW
ScaleViewportExtEx
GetTextMetricsW
SetBkColor
SetDIBits
GetCharABCWidthsFloatA
CreateDIBPatternBrushPt
PolyPolygon
GetCharWidth32A
GetMetaRgn
GetOutlineTextMetricsW
SetStretchBltMode
GdiSetBatchLimit
GetClipRgn
GdiGetBatchLimit
SetROP2
CreateMetaFileW

kernel32

GetModuleFileNameA
IsValidLocale
TlsSetValue
VirtualAlloc
TlsAlloc
IsDebuggerPresent
GetSystemTimeAsFileTime
InterlockedIncrement
LeaveCriticalSection
FoldStringA
GetLastError
InterlockedExchange
Sleep
GetLogicalDrives
TerminateProcess
GetCurrentThread
LCMapStringA
GetCPInfo
EnumCalendarInfoA
CompareStringA
CompareStringW
GlobalAddAtomW
IsValidCodePage
UnhandledExceptionFilter
GetModuleHandleA
LCMapStringW
SetConsoleCtrlHandler
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
GetOEMCP
FreeLibrary
TlsFree
DeleteCriticalSection
HeapDestroy
InterlockedDecrement
WriteProfileSectionA
GetDateFormatA
QueryPerformanceCounter
GetACP
GetModuleHandleW
SetUnhandledExceptionFilter
EnumSystemLocalesW
GetTickCount
LoadLibraryA
SetConsoleTextAttribute
AllocConsole
GetStdHandle
GetCurrentThreadId
FreeEnvironmentStringsW
TlsGetValue
GetCommandLineA
GetCurrentProcess
GetAtomNameA
EnumSystemLocalesA
HeapCreate
GetStringTypeW
GetEnvironmentStrings
VirtualFree
GetNamedPipeHandleStateW
EnterCriticalSection
CreateNamedPipeA
WideCharToMultiByte
SetHandleCount
HeapFree
GetTimeZoneInformation
FreeEnvironmentStringsA
HeapAlloc
SetEnvironmentVariableA
GetUserDefaultLCID
WriteFile
SetLastError
GetProcAddress
MultiByteToWideChar
GetFileType
HeapSize
EnumTimeFormatsA
VirtualUnlock
ExitProcess
VirtualQuery
GetTimeFormatA
GetEnvironmentStringsW
RtlUnwind
GetProcessShutdownParameters
WriteConsoleOutputCharacterW
FlushInstructionCache
GetStringTypeA
GetCurrentProcessId
HeapReAlloc
GetStartupInfoA
GetLocaleInfoA

shell32

SHAppBarMessage
ShellExecuteExW
DoEnvironmentSubstA

user32

MessageBoxExW
SetMenuDefaultItem
DdeCreateDataHandle
PackDDElParam
UnregisterDeviceNotification
ActivateKeyboardLayout
RealChildWindowFromPoint
GetScrollPos
GetCaretPos
SetWindowsHookExA
GetDialogBaseUnits
DialogBoxIndirectParamW
CharLowerBuffW
GetDesktopWindow
BlockInput
GetUserObjectInformationA
CheckRadioButton
CreateIcon
GetDlgItemTextW
LoadMenuIndirectA
DeleteMenu
GetCursor
LoadCursorW
MenuItemFromPoint

Sections

.text
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 285KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6aeeb1c156774a860f70c7644e735f3c

Headers

File Characteristics

Imports

gdi32

kernel32

shell32

user32

Sections

.text Size: 149KB - Virtual size: 149KB

.rdata Size: 9KB - Virtual size: 19KB

.data Size: 285KB - Virtual size: 284KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 149KB - Virtual size: 149KB

.rdata
Size: 9KB - Virtual size: 19KB

.data
Size: 285KB - Virtual size: 284KB

.rsrc
Size: 15KB - Virtual size: 14KB