6ba6845fb5237f35ea3cfceadfb36806688dd9a988199f217e5661be8d348bad

Sharing

Copy URL Twitter E-mail

General

Target

6ba6845fb5237f35ea3cfceadfb36806688dd9a988199f217e5661be8d348bad
Size

56KB
MD5

6c34f54b1c68965755f93d8ec728aff6
SHA1

7270a5cc1eaefabb38a2a1b8bc342b177919f847
SHA256

6ba6845fb5237f35ea3cfceadfb36806688dd9a988199f217e5661be8d348bad
SHA512

3cf2d2cf86669a804f2ff6d562a1a97e4ece37fecdfe91286263a708beafbcb8e1f4503ed003fd607086ad476e2fb80ab7916fea018b3100202163f7ec5f7053
SSDEEP

1536:eBOOXD1kKH4LvUF+Zfb4xSrYCMJ73ln0inU:eBOOX6c+FNkb7Vn04U

Score

N/A

Malware Config

Signatures

Files

6ba6845fb5237f35ea3cfceadfb36806688dd9a988199f217e5661be8d348bad
.dll windows x86

37af4e2a16214bdc74a9b970839193df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

SendDlgItemMessageW
GetMessageW
PeekMessageW
CharNextW
BeginPaint
GetPropW
SetWindowPos
UpdateWindow
LoadCursorW
TranslateMessage
GetMonitorInfoW
DeferWindowPos
MapWindowPoints
FrameRect
SetCapture
GetClientRect
MsgWaitForMultipleObjects
wsprintfW
GetLastActivePopup
FindWindowExW
BeginDeferWindowPos
EnableWindow
GetDlgItem
GetDesktopWindow
PostThreadMessageW
InvalidateRect
EndDeferWindowPos
SetCursor
RegisterClassExW
SetWindowLongW
IsWindowEnabled
FillRect
GetWindowThreadProcessId
GetDC
MonitorFromWindow
GetKeyState
ReleaseCapture
ReleaseDC
GetSysColor
GetClassNameW
PostMessageW

kernel32

VirtualAlloc
GlobalUnlock
WideCharToMultiByte
GetFileSize
GetCurrentDirectoryA
VirtualAlloc
ReadFile
InterlockedDecrement
FindFirstFileA
WriteFile
IsBadReadPtr
MulDiv
GetFileAttributesA
GetCurrentProcessId
FindClose
SetFileAttributesA
lstrcmpiA
ReadProcessMemory
CreateFileA
FindNextFileA
GetPrivateProfileStructA
OpenProcess
ResumeThread
VirtualQueryEx
GlobalAlloc
WritePrivateProfileStructA
GlobalLock
VirtualFree
CreateSemaphoreA
lstrcpyA
GetHandleInformation
LoadLibraryA
SetFilePointer
GetTempPathA
GetProcAddress
GetStartupInfoA
DeleteFileA

gdi32

DeleteObject
SetBkMode
CreatePen
BitBlt
SetLayout
Ellipse
SetBkColor
CreateSolidBrush
GetObjectW
RealizePalette
CreateHalftonePalette
GetDeviceCaps
SetTextColor
SelectObject
LineTo
SelectPalette

Exports

Exports

CreateProcessNotify
bootgman

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

37af4e2a16214bdc74a9b970839193df

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

gdi32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 52KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 52KB - Virtual size: 52KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB