6878cf2f36596d9a745cc9af5104fcd992b2cc8bd7b9f3b84abafe2f9b6fc934

Sharing

Copy URL

Twitter E-mail

General

Target

6878cf2f36596d9a745cc9af5104fcd992b2cc8bd7b9f3b84abafe2f9b6fc934
Size

3.5MB
MD5

a00c9c618e3841a8e4b3d259678b7ffa
SHA1

d3f48d561ff98ef1252426cc293560f15583dd2c
SHA256

6878cf2f36596d9a745cc9af5104fcd992b2cc8bd7b9f3b84abafe2f9b6fc934
SHA512

e309671d5629f99ffa41f82646ba091cffb229efb58be5ff407f4bfb6433117ce3fc22d1fca0da851a0ef58e7546f686706f0bc76c5d731801c553ac0a33024a
SSDEEP

98304:X/zibZG9QrDvVblbSLHB+lx57mP/by87CjSarZHg5s4:V9gVblbgh+DZ4bp77

Score

N/A

Malware Config

Signatures

Files

6878cf2f36596d9a745cc9af5104fcd992b2cc8bd7b9f3b84abafe2f9b6fc934
.exe windows x86

76096752845c39fd10e793d530605a45

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LookupAccountSidW
RegSetValueExW
LookupAccountSidA
RegCreateKeyW
LookupPrivilegeValueA
RegFlushKey
CryptDestroyHash
RegCreateKeyA
CryptGetDefaultProviderW
LookupAccountNameW

gdi32

GetKerningPairs
GetLayout
CreateDIBPatternBrushPt
GetBkColor
GetObjectType
SetGraphicsMode
GetLogColorSpaceA
GetNearestColor

wininet

SetUrlCacheEntryInfoA

user32

GetKeyboardState
GetClipboardOwner
ArrangeIconicWindows
GetMenu
DestroyCaret
LoadIconW
OpenWindowStationW
DlgDirSelectComboBoxExW

kernel32

HeapCreate
GetCurrentProcessId
UnhandledExceptionFilter
TlsFree
SetFilePointer
InitializeCriticalSection
SetConsoleScreenBufferSize
FindClose
GetCurrentProcess
GetPriorityClass
GetCommandLineW
GetSystemTimeAsFileTime
GetLastError
SetLastError
GetDateFormatA
FreeEnvironmentStringsW
WideCharToMultiByte
GetProcessHeaps
MultiByteToWideChar
GetDiskFreeSpaceExA
ReleaseMutex
VirtualQuery
TlsGetValue
GlobalReAlloc
CreateToolhelp32Snapshot
GetSystemInfo
GetVersionExA
QueryPerformanceCounter
GetStringTypeA
IsValidCodePage
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
GetStdHandle
TlsSetValue
GetExitCodeProcess
WriteConsoleInputW
GetTimeZoneInformation
SetEnvironmentVariableA
SetHandleCount
ExitProcess
VirtualProtect
GetModuleFileNameW
HeapAlloc
InterlockedExchange
LCMapStringA
GetSystemTimeAdjustment
GetACP
GetModuleHandleA
GetUserDefaultLCID
GetOEMCP
GetEnvironmentStringsW
SetFileAttributesW
IsBadWritePtr
GetCurrentThread
GetTickCount
LeaveCriticalSection
GetModuleFileNameA
RtlUnwind
TerminateProcess
FlushConsoleInputBuffer
DeleteCriticalSection
VirtualAlloc
GetStringTypeW
EnterCriticalSection
GetFileType
LCMapStringW
WaitNamedPipeW
GetCPInfo
GetLocaleInfoW
GetCurrentThreadId
HeapReAlloc
GetStartupInfoW
HeapFree
GlobalDeleteAtom
GetProcAddress
GetLocaleInfoA
WriteFile
CommConfigDialogW
SetWaitableTimer
EnumSystemLocalesA
CompareStringW
GetTimeFormatA
lstrcmpiA
TlsAlloc
VirtualFree
OpenFile
HeapDestroy
GetStartupInfoA
CompareStringA
IsValidLocale
GetCommandLineA
LoadLibraryA

comdlg32

GetSaveFileNameW
PageSetupDlgW
GetOpenFileNameW
GetFileTitleA

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

76096752845c39fd10e793d530605a45

Headers

File Characteristics

Imports

advapi32

gdi32

wininet

user32

kernel32

comdlg32

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 8KB - Virtual size: 18KB

.data Size: 3.4MB - Virtual size: 3.4MB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 8KB - Virtual size: 18KB

.data
Size: 3.4MB - Virtual size: 3.4MB

.rsrc
Size: 6KB - Virtual size: 6KB