c6997cb073c9f6f3462b104106e7e1f00133c5b749dedd445209c07d4aaabbec

Sharing

Copy URL Twitter E-mail

General

Target

c6997cb073c9f6f3462b104106e7e1f00133c5b749dedd445209c07d4aaabbec
Size

244KB
MD5

6b95d882d358b77f4a284ff8b5317927
SHA1

f68a0173a747fed82c35e5206f0d23af2cae0633
SHA256

c6997cb073c9f6f3462b104106e7e1f00133c5b749dedd445209c07d4aaabbec
SHA512

85d3eff944fd90642e9bba4f8fd5220bcec3473a17f6d9605be9c9c6ee05d537b83101023e0b30784548ca4beb003e0aa1bc42a096caea2f3b090695247e91f4
SSDEEP

6144:Hrh+Q9uUmYgPyIJRodd0BIsW7hGUIYxV4:H1+au0gtvodgIdRxV4

Score

N/A

Malware Config

Signatures

Files

c6997cb073c9f6f3462b104106e7e1f00133c5b749dedd445209c07d4aaabbec
.exe windows x86

b405fa6a66bdfdf6f365f2139fc8148a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

urlmon

URLOpenBlockingStreamW
URLDownloadToFileA
CreateAsyncBindCtx
ReleaseBindInfo

ole32

CreateFileMoniker
CoUninitialize
CoLockObjectExternal
OleConvertIStorageToOLESTREAM
OleLoadFromStream
CoFreeLibrary

ws2_32

htons
accept
gethostbyaddr
ntohl
connect
closesocket

opengl32

glColor4f
glTexEnvfv
glLineStipple
glTexCoord3sv
glRotated
glTexCoord3i
glDrawPixels
glVertex3i

crypt32

CryptDecodeObject
PFXImportCertStore
CertFindCertificateInStore
CryptEncodeObjectEx
CryptFormatObject
CertDeleteCTLFromStore

mpr

WNetDisconnectDialog1W
WNetCancelConnection2W
WNetGetUniversalNameA
WNetAddConnection2A
WNetGetResourceInformationW

kernel32

RtlUnwind
SetStdHandle
SetFilePointer
WriteConsoleW
Sleep
HeapFree
GetStringTypeW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
GetFileType
SetHandleCount
LoadLibraryW
HeapReAlloc
CreateFileW
CloseHandle
HeapSize
HeapAlloc
SetLastError
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
ExitProcess
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
DecodePointer
TlsFree
GetModuleHandleW
GetCurrentThreadId
GetLastError
GetProcAddress
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b405fa6a66bdfdf6f365f2139fc8148a

Headers

DLL Characteristics

File Characteristics

Imports

user32

urlmon

ole32

ws2_32

opengl32

crypt32

mpr

kernel32

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 3KB - Virtual size: 11KB

.rsrc Size: 200KB - Virtual size: 199KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 3KB - Virtual size: 11KB

.rsrc
Size: 200KB - Virtual size: 199KB