b6876b97ad8ac27b4cdbb533a2638e9538738bd38202417aa7c4837ce05fd2eb

Sharing

Copy URL Twitter E-mail

General

Target

b6876b97ad8ac27b4cdbb533a2638e9538738bd38202417aa7c4837ce05fd2eb
Size

96KB
MD5

8051be9868b391797909369265e922b0
SHA1

3312664da3a29ba4fdddef5db00304c90bb8cd85
SHA256

b6876b97ad8ac27b4cdbb533a2638e9538738bd38202417aa7c4837ce05fd2eb
SHA512

fd18b8ea1e9c577926ea795e5ed7a495708b4ff094c4a2f4986280b57aca7f68e944d837d2c690c1803d1f49779054947558ab7580d3e61c3d0888aa7c0d43fd
SSDEEP

1536:vQuEuYRlXBVed7uMFCvJgZP1acDYSY+A37feaCMJDmYsLIb4PvYqHB/AdGg:6vwOEPgcMSDADeak7dJHB/AdGg

Score

N/A

Malware Config

Signatures

Files

b6876b97ad8ac27b4cdbb533a2638e9538738bd38202417aa7c4837ce05fd2eb
.exe windows x86

6577f3f333faa76da704adf486562b03

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc70

ord3993
ord4516
ord4671
ord4361
ord1523
ord1522
ord1403
ord5666
ord1472
ord1469
ord3748
ord1272
ord4025
ord4933
ord1760
ord4854
ord5989
ord3966
ord4975
ord3208
ord4503
ord4063
ord1452
ord5714
ord5007
ord5005
ord812
ord817
ord821
ord819
ord823
ord2219
ord2239
ord2223
ord2229
ord2227
ord2225
ord2242
ord2237
ord2221
ord2244
ord2232
ord2214
ord2216
ord2234
ord2026
ord2020
ord1377
ord5993
ord3610
ord4958
ord3152
ord4748
ord1234
ord4954
ord1814
ord1508
ord1507
ord1451
ord4972
ord2675
ord4267
ord4043
ord2990
ord300
ord977
ord2200
ord1755
ord1781
ord1344
ord3884
ord1939
ord1399
ord5669
ord1273
ord4015
ord4986
ord2799
ord2979
ord518
ord956
ord957
ord982
ord1643
ord1646
ord4530
ord650
ord447
ord3890
ord5950
ord2474
ord571
ord2896
ord1871
ord331
ord1077
ord1081
ord3445
ord3638
ord1870
ord532
ord546
ord705
ord698
ord512
ord3140
ord4042
ord4262
ord3751
ord2461
ord3513
ord3523
ord3522
ord2352
ord2463
ord2359
ord2651
ord2529
ord4088
ord2648
ord2546
ord2356
ord5322
ord4985
ord5002
ord4349
ord3750
ord2096
ord4998
ord4996
ord2741
ord1770
ord3640
ord5152
ord5933
ord4883
ord899
ord3614
ord5339
ord1868
ord1913
ord4107
ord5990
ord3609
ord5992
ord3814
ord3832
ord3487
ord5991
ord4322
ord1097

msvcr70

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
__CxxFrameHandler
memmove
sprintf
strrchr
exit
__dllonexit
_onexit
__security_error_handler
_c_exit
_setmbcp
memset
_initterm
__getmainargs
_amsg_exit
_acmdln
_cexit
_XcptFilter
_exit
memcpy
strlen
_controlfp

kernel32

GetCurrentDirectoryA
SetCurrentDirectoryA
CloseHandle
WideCharToMultiByte
lstrlenA
FindResourceA
LoadResource
LockResource
SizeofResource
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
ExitProcess
GetModuleHandleA
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetVersionExA
WriteProcessMemory
VirtualProtectEx
GetProcAddress
ResumeThread
CreateProcessA
SetThreadContext
FlushInstructionCache
GetThreadContext
SuspendThread

user32

GetParent
GetSystemMetrics
EnableWindow
GetClientRect
IsIconic
GetSystemMenu
SendMessageA
AppendMenuA
DrawIcon
LoadIconA

advapi32

RegSetValueExA
RegCloseKey

comctl32

ord17

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6577f3f333faa76da704adf486562b03

Headers

File Characteristics

Imports

mfc70

msvcr70

kernel32

user32

advapi32

comctl32

Sections

.text Size: 12KB - Virtual size: 8KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 864B

.rsrc Size: 68KB - Virtual size: 65KB

.text
Size: 12KB - Virtual size: 8KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 864B

.rsrc
Size: 68KB - Virtual size: 65KB