6e5fd3433e15b728fb4017ded93f660898af0bfc672332b26cfde1ca7e0f8b16

Sharing

Copy URL Twitter E-mail

General

Target

6e5fd3433e15b728fb4017ded93f660898af0bfc672332b26cfde1ca7e0f8b16
Size

886KB
MD5

06da6a32f67ec5fb043c237fb51b6b60
SHA1

c426b96ca13db0bc0da23a11218afa43355f8285
SHA256

6e5fd3433e15b728fb4017ded93f660898af0bfc672332b26cfde1ca7e0f8b16
SHA512

91439f15634039aa1911f56eb35bb5d103fbd3779c1ac45320af85da9a3b52f2f829ba35da9501954af2ec7b9b66f56212fb3b18a9ec011f3d07525e567b9c3b
SSDEEP

24576:xGs8aavfgm5IBKV5SYQtMOtXFxE4z1ZEMV7LG/1ZpToT:janO82xEzAWGT

Score

N/A

Malware Config

Signatures

Files

6e5fd3433e15b728fb4017ded93f660898af0bfc672332b26cfde1ca7e0f8b16
.exe windows x86

c6c4a54cfa74a67d55971ee67b6572ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetGetConnectedState

kernel32

GetStartupInfoA
HeapCreate
CloseHandle
DeleteCriticalSection
OpenEventW
CreateEventW
EnterCriticalSection
GetLastError
LeaveCriticalSection
InitializeCriticalSection
GetTickCount
GetModuleHandleW
SetEvent
WaitForSingleObject
GetProcAddress
Sleep
LoadLibraryW
SetErrorMode
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetFullPathNameW
GetTimeZoneInformation
GetCurrentDirectoryA
GetFullPathNameA
SetStdHandle
GetModuleHandleA
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
GetSystemTimeAsFileTime
CreateThread
lstrlenW
WideCharToMultiByte
ExitThread
ResetEvent
GetVersionExW
GetCurrentThreadId
IsBadReadPtr
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateMutexW
ReleaseMutex
MultiByteToWideChar
GetModuleFileNameW
GetModuleFileNameA
FindFirstFileW
FindClose
CreateFileW
WriteFile
GetTempPathW
FileTimeToSystemTime
GetLocalTime
GetCurrentProcess
HeapAlloc
GetProcessHeap
ReadFile
VirtualAlloc
LoadLibraryA
VirtualFree
VirtualProtect
CreateDirectoryW
FindNextFileW
DeleteFileW
RemoveDirectoryW
GetFileSize
lstrlenA
FreeLibrary
HeapFree
LocalAlloc
LocalFree
GetSystemDirectoryW
DeviceIoControl
QueryPerformanceCounter
InterlockedIncrement
CreateFileA
lstrcpyA
GetSystemDirectoryA
lstrcatA
CopyFileA
HeapReAlloc
GlobalAlloc
SetLastError
GlobalFree
SleepEx
PeekNamedPipe
WaitForMultipleObjects
GetFileType
GetStdHandle
ExpandEnvironmentStringsA
FormatMessageA
SetFilePointer
VirtualQuery
CreateProcessW
SetUnhandledExceptionFilter
OutputDebugStringW
FormatMessageW
SetHandleCount
TerminateProcess
lstrcatW
IsDebuggerPresent
GetCurrentProcessId
lstrcpyW
OpenFileMappingW
InitializeCriticalSectionAndSpinCount
GetCommandLineW
InterlockedCompareExchange
MoveFileExW
CopyFileW
GetFileAttributesW
SetFileAttributesW
InterlockedExchange
OpenMutexW
QueryPerformanceFrequency
FlushFileBuffers
ConnectNamedPipe
CreateNamedPipeW
GetOverlappedResult
DisconnectNamedPipe
InterlockedDecrement
GetStartupInfoW
UnhandledExceptionFilter
FileTimeToLocalFileTime
GetFileInformationByHandle
GetDriveTypeA
FindFirstFileA
GetDriveTypeW
ResumeThread
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
RtlUnwind
RaiseException
GetCPInfo
LCMapStringA
LCMapStringW
HeapSize
ExitProcess
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetACP

user32

PostThreadMessageW
CreateWindowExW
GetWindowLongW
RegisterClassW
LoadIconW
TranslateMessage
LoadCursorW
KillTimer
UnregisterClassW
GetMessageW
DispatchMessageW
wsprintfW
wsprintfA
GetSystemMetrics
IsCharAlphaNumericW
wvsprintfW
SetRectEmpty
DefWindowProcW
SetTimer
DestroyWindow
SetWindowLongW

ws2_32

WSAStartup
WSACleanup
closesocket
WSAGetLastError
recv
send
getsockname
ntohs
bind
htons
getsockopt
getpeername
setsockopt
connect
socket
inet_addr
gethostbyname
htonl
getservbyname
gethostbyaddr
getservbyport
WSASetLastError
gethostname
sendto
recvfrom
accept
listen
shutdown
ioctlsocket
select
__WSAFDIsSet
inet_ntoa

imm32

ImmDisableIME

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shlwapi

SHGetValueW
SHDeleteKeyA

wldap32

ord46
ord41
ord27
ord301
ord33
ord79
ord35
ord32
ord30
ord26
ord50
ord60
ord143
ord211
ord22
ord200

advapi32

OpenProcessToken
CryptEncrypt
RegCreateKeyExA
RegNotifyChangeKeyValue
RegCloseKey
RegEnumValueA
RegDeleteValueA
RegOpenKeyExW
AllocateAndInitializeSid
SetEntriesInAclW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegQueryValueExW
RegSetValueExW
RegCreateKeyW
CryptAcquireContextW
CryptImportKey
SetSecurityDescriptorSacl
GetLengthSid
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
InitializeAcl
GetNamedSecurityInfoW
SetNamedSecurityInfoW
AddAccessAllowedAceEx
RegCreateKeyExW
LookupAccountSidW
GetTokenInformation
CryptDestroyKey
RegOpenKeyW
CryptGetKeyParam
CryptDecrypt
CryptReleaseContext
CryptSetKeyParam

shell32

ShellExecuteW
SHGetSpecialFolderPathW
SHFileOperationW
SHGetFolderPathW

Sections

.text
Size: 577KB - Virtual size: 577KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 31KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 110KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c6c4a54cfa74a67d55971ee67b6572ce

Headers

DLL Characteristics

File Characteristics

Imports

wininet

kernel32

user32

ws2_32

imm32

version

shlwapi

wldap32

advapi32

shell32

Sections

.text Size: 577KB - Virtual size: 577KB

.rdata Size: 131KB - Virtual size: 130KB

.data Size: 31KB - Virtual size: 77KB

.rsrc Size: 27KB - Virtual size: 26KB

.reloc Size: 110KB - Virtual size: 112KB

.text
Size: 577KB - Virtual size: 577KB

.rdata
Size: 131KB - Virtual size: 130KB

.data
Size: 31KB - Virtual size: 77KB

.rsrc
Size: 27KB - Virtual size: 26KB

.reloc
Size: 110KB - Virtual size: 112KB