6b3078c49c796df29eff079c52cd6dcd2dff93ee08a9bc3348fe27ab97cf4632

Sharing

Copy URL

Twitter E-mail

General

Target

6b3078c49c796df29eff079c52cd6dcd2dff93ee08a9bc3348fe27ab97cf4632
Size

436KB
MD5

815b1e7742df51b38659ad2f98452028
SHA1

2b50258bfd5c950b07f12f2d1bc44420613fecf2
SHA256

6b3078c49c796df29eff079c52cd6dcd2dff93ee08a9bc3348fe27ab97cf4632
SHA512

1de0baee78f5b69de6daa45eaa8a16f7038843c8583ffd109e3c9c9be3441da9179de9e32cf90304fe6d6f3abf542e316131dc2d6ace5304fef3de86a660e6c4
SSDEEP

6144:pfatOgUhJLpSwUJ2qJlYeDmQsW/eRv5bK3YsLKS0rKrOWI+G4Tsulc31n1OkWZXS:pfaIgqJdSgalYeURBeosLKSYOTsueu

Score

N/A

Malware Config

Signatures

Files

6b3078c49c796df29eff079c52cd6dcd2dff93ee08a9bc3348fe27ab97cf4632
.exe windows x86

14ec1a1cfb59e8fbfad000d234b537fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptCreateHash
RegSetKeySecurity
RegDeleteKeyA
RegOpenKeyExW
LookupSecurityDescriptorPartsA
CryptVerifySignatureA
RegCreateKeyExW
RegQueryInfoKeyA
CryptGetHashParam
AbortSystemShutdownA
GetUserNameW
RegCreateKeyExA
AbortSystemShutdownW
CryptDuplicateKey
LookupSecurityDescriptorPartsW
LookupPrivilegeDisplayNameA
CryptDestroyKey
RegOpenKeyExA
CryptSetProviderExW
CryptContextAddRef

wininet

GopherGetLocatorTypeA

user32

CreatePopupMenu
DlgDirListComboBoxW
CreateDialogParamW
GetFocus
LoadCursorW
SetClassWord
CreateWindowExA
MessageBoxIndirectA
MessageBoxW
InsertMenuW
SetMenuItemBitmaps
DialogBoxParamA
DdeSetUserHandle
wvsprintfA
GetWindowDC
EditWndProc
RegisterClassA
DestroyWindow
DefWindowProcA
SetUserObjectInformationA
OffsetRect
OemToCharW
EnumDisplaySettingsA
LoadCursorA
WinHelpW
CharUpperA
SetActiveWindow
SetUserObjectInformationW
EndPaint
RegisterClassExA
ChangeMenuA
GetMenuDefaultItem
ShowWindow
ExcludeUpdateRgn
BroadcastSystemMessageW
ScrollDC
SetDlgItemInt
DlgDirSelectComboBoxExW
SetDlgItemTextA
SystemParametersInfoW
GetShellWindow
SetCapture

kernel32

SetStdHandle
CloseHandle
WritePrivateProfileStructA
UnhandledExceptionFilter
GetConsoleOutputCP
GetStartupInfoA
QueryPerformanceCounter
LCMapStringA
ExitProcess
FlushFileBuffers
HeapReAlloc
GetStartupInfoW
HeapSize
CreateMutexA
GetEnvironmentStringsW
HeapAlloc
FindResourceExA
GetLocaleInfoW
LoadLibraryA
GetTimeFormatA
GetUserDefaultLCID
SetTimeZoneInformation
InterlockedExchange
GetSystemTimeAsFileTime
EnumSystemLocalesA
WriteFile
FreeLibrary
GetVolumeInformationW
GetCommandLineA
GetModuleFileNameA
FreeEnvironmentStringsA
GetConsoleMode
TlsGetValue
SetFilePointer
GetProcAddress
GetFileType
GetVersionExA
GetACP
VirtualAlloc
GetCurrentProcessId
IsDebuggerPresent
SetFileAttributesW
WideCharToMultiByte
FreeEnvironmentStringsW
SetThreadLocale
VirtualFree
WriteConsoleW
WriteConsoleA
CommConfigDialogA
GetModuleFileNameW
GetDiskFreeSpaceExA
CreateFileA
GetProcessHeap
MultiByteToWideChar
OpenProcess
ReadFile
GetOEMCP
TlsFree
GetVersion
SetThreadPriority
GetCurrentProcess
GetConsoleCP
VirtualQuery
SetComputerNameA
InitializeCriticalSection
GetEnvironmentStrings
SetEnvironmentVariableA
TlsAlloc
GetLocaleInfoA
GetCommandLineW
CompareStringA
GetLastError
HeapFree
InterlockedDecrement
HeapCreate
Sleep
RtlUnwind
SetLastError
SetConsoleCtrlHandler
SetUnhandledExceptionFilter
SetFileTime
SetHandleCount
LeaveCriticalSection
GetModuleHandleA
DeleteCriticalSection
GetDateFormatA
LCMapStringW
GetCurrentThreadId
HeapDestroy
LocalLock
IsValidCodePage
GetStdHandle
GetStringTypeW
IsValidLocale
GetCPInfo
OpenMutexA
GetStringTypeA
InterlockedIncrement
GetTimeZoneInformation
CompareStringW
GetTickCount
TlsSetValue
GetCurrentThread
EnterCriticalSection
TerminateProcess
GetDriveTypeA

comctl32

DrawStatusText
DrawStatusTextA
ImageList_GetImageInfo
InitCommonControlsEx
ImageList_Write
InitMUILanguage
ImageList_Merge

gdi32

GetCharacterPlacementA
StrokeAndFillPath
FillPath
ResetDCA
GetCharABCWidthsFloatW
LineTo
CreateSolidBrush
CreatePenIndirect
GetDIBColorTable
CreatePolyPolygonRgn
SetBkColor

Sections

.text
Size: 180KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14ec1a1cfb59e8fbfad000d234b537fe

Headers

File Characteristics

Imports

advapi32

wininet

user32

kernel32

comctl32

gdi32

Sections

.text Size: 180KB - Virtual size: 177KB

.rdata Size: 72KB - Virtual size: 70KB

.data Size: 96KB - Virtual size: 104KB

.rsrc Size: 84KB - Virtual size: 81KB

.text
Size: 180KB - Virtual size: 177KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 96KB - Virtual size: 104KB

.rsrc
Size: 84KB - Virtual size: 81KB