6c547c217e8dd304c299844d10e64bba4fde95958678ef66a81eea24fc9211a0

Sharing

Copy URL Twitter E-mail

General

Target

6c547c217e8dd304c299844d10e64bba4fde95958678ef66a81eea24fc9211a0
Size

172KB
MD5

909e5bdb54e5c7546b78b816288ec4cd
SHA1

35513267630f48b7aa1cd4766699550062bb44ec
SHA256

6c547c217e8dd304c299844d10e64bba4fde95958678ef66a81eea24fc9211a0
SHA512

ce5c4602f0117789ce2634473d602c652b6f6fc708f171cb4287175cb586138ca054c31c47daae74bbfb5e2cbcef990dae185e258e95a8afd4de70074adf0b34
SSDEEP

3072:CtOO8ImaPKijMF134n8SeD1Fp04OXY00DGVI3BiZ8K7EZXX:CtOO8ImabMn4n8SeZcY00DM4Klo

Score

N/A

Malware Config

Signatures

Files

6c547c217e8dd304c299844d10e64bba4fde95958678ef66a81eea24fc9211a0
.exe windows x86

ad64e9e32cd684276e2e2d99de13c605

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetSystemTimeAsFileTime
FindResourceExA
TerminateProcess
IsDebuggerPresent
GetCurrentProcess
GetCalendarInfoW
GetModuleHandleA
lstrlenW
HeapSize
WideCharToMultiByte
GetLastError
GetSystemTime
SystemTimeToFileTime
SizeofResource
UnhandledExceptionFilter
FindResourceA
CreateFileW
InterlockedCompareExchange
LoadLibraryW
GetProcessHeap
GetUserDefaultUILanguage
GetStdHandle
GetTickCount
LoadLibraryExW
GetModuleFileNameW
EnterCriticalSection
GetVersionExA
MoveFileW
EnumResourceNamesA
SetUnhandledExceptionFilter
HeapAlloc
GetCurrentProcessId
lstrcmpiA
GetFileAttributesA
LockResource
GetThreadLocale
ReleaseMutex
GetLocaleInfoA
InterlockedExchange
GetFileAttributesW
HeapFree
LocalAlloc
HeapReAlloc
GetCurrentThreadId
VirtualFree
UnmapViewOfFile
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsA
lstrcpynW
RaiseException
VirtualAlloc
LeaveCriticalSection
HeapDestroy
lstrlenA
OutputDebugStringW
CreateDirectoryW
CreateProcessA
Sleep
GetStartupInfoA
QueryPerformanceCounter
LoadResource
CloseHandle
GetEnvironmentVariableA
MultiByteToWideChar
SetEvent

user32

LoadIconA
UnregisterClassA
LoadStringW
DestroyWindow
GetSystemMetrics
MessageBoxW
CharNextA
LoadImageA
CharNextW

ole32

CoGetMalloc
StringFromGUID2
StringFromCLSID
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
IIDFromString
CoInitializeSecurity
CoCreateInstance
OleInitialize
OleUninitialize

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

shlwapi

PathAddBackslashW

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad64e9e32cd684276e2e2d99de13c605

Headers

File Characteristics

Imports

kernel32

user32

ole32

mprapi

shlwapi

Sections

.text Size: 91KB - Virtual size: 91KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 75KB - Virtual size: 75KB

.rsrc Size: 1024B - Virtual size: 252KB

.text
Size: 91KB - Virtual size: 91KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 75KB - Virtual size: 75KB

.rsrc
Size: 1024B - Virtual size: 252KB