e6246e6352e9fadf62aa7b06b250fcb95e0187e063604e6d2b696146033bd3f4

Sharing

Copy URL

Twitter E-mail

General

Target

e6246e6352e9fadf62aa7b06b250fcb95e0187e063604e6d2b696146033bd3f4
Size

355KB
MD5

96a0fd555171c326b6a8b1f1848ba2d0
SHA1

26d30e1dda4224baa7835a3e3e06cb022ecb350f
SHA256

e6246e6352e9fadf62aa7b06b250fcb95e0187e063604e6d2b696146033bd3f4
SHA512

beb0d889fc9052614a9d87b2b15be51814142157499e055f9abc3adf13720dc1ca9c398fe15f95d98c6f961794c0b4658398d861159ffc8eb77ace5b03c8c831
SSDEEP

6144:hkHGtCNBlRqTDxpUMgZZdUytUTNotV//0C2F/RZ5sG82zp2LhfbMXifzPIP1AI:UvlRqTDxpUMgndcytF//2F/RZ5820LtQ

Score

N/A

Malware Config

Signatures

Files

e6246e6352e9fadf62aa7b06b250fcb95e0187e063604e6d2b696146033bd3f4
.exe windows x86

142db805dce497cc41ceeb65bce770b6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CompareFileTime
CompareStringA
CompareStringW
CopyFileA
CopyFileW
CreateDirectoryA
CreateDirectoryW
CreateEventA
CreateEventW
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateMutexA
CreateMutexW
CreateThread
DebugBreak
DeleteCriticalSection
DeleteFileA
DeleteFileW
DeviceIoControl
EnterCriticalSection
ExitProcess
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceA
FindResourceW
FlushFileBuffers
FreeLibrary
GetACP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetDateFormatW
GetDriveTypeA
GetDriveTypeW
GetExitCodeThread
GetFileAttributesA
GetFileAttributesExA
GetFileAttributesExW
GetFileAttributesW
GetFileSize
GetFileType
GetFullPathNameA
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoA
GetLongPathNameA
GetLongPathNameW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetPrivateProfileStringA
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetShortPathNameA
GetStartupInfoW
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetSystemDirectoryA
GetTempFileNameW
GetTempPathA
GetThreadLocale
GetTickCount
GetUserDefaultLCID
GetVersion
GetVersionExA
GetVersionExW
GetVolumeInformationW
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalSize
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadWritePtr
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LockResource
MapViewOfFile
MultiByteToWideChar
QueryDosDeviceA
QueryDosDeviceW
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseMutex
SetEndOfFile
SetErrorMode
SetEvent
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetLastError
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SystemTimeToFileTime
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpiA
lstrcmpiW
lstrcpyA
lstrcpynW
lstrlenA
lstrlenW
lstrcatA
CreateFileA
GetTempFileNameA
VirtualAlloc

user32

LoadIconA
LoadIconW

gdi32

GetStockObject

advapi32

RegOpenKeyExA

shell32

SHFileOperationA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

StringFromIID
StringFromGUID2
StringFromCLSID
PropVariantCopy
PropVariantClear
OleSaveToStream
OleLoadFromStream
GetHGlobalFromStream
CreateStreamOnHGlobal
CoUnmarshalInterface
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoReleaseMarshalData
CoMarshalInterface
CoMarshalInterThreadInterfaceInStream
CoInitializeEx
CoGetMalloc
CoGetInterfaceAndReleaseStream
CoCreateInstance
CoCreateGuid
CoCreateFreeThreadedMarshaler
CLSIDFromString

shlwapi

PathRemoveBackslashW
PathGetCharTypeW
UrlCombineW
PathUndecorateW
PathRemoveFileSpecW
PathGetCharTypeA

msvcrt

wcsncmp
wcslen
wcscspn
wcscpy
wcsncpy
wcschr
wcscat
towupper
towlower
toupper
swscanf
swprintf
strncpy
strchr
srand
realloc
rand
wcspbrk
wcsrchr
wcsspn
wcsstr
wcstombs
wcstoul
wcscmp
_CIpow
_XcptFilter
__CxxFrameHandler
__dllonexit
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
_adjust_fdiv
_beginthreadex
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_ftol
_initterm
_onexit
_purecall
_snwprintf
_stricmp
_strnicmp
_ultow
_vsnprintf
_vsnwprintf
_wcmdln
_wcsicmp
_wcsnicmp
_wcsupr
_wtoi
_wtoi64
_wtol
abs
atoi
atol
bsearch
ceil
exit
floor
free
isdigit
isspace
iswalnum
iswascii
iswcntrl
iswdigit
iswspace
isxdigit
malloc
memcmp
memcpy
memmove
memset
qsort

Sections

.text
Size: 348KB - Virtual size: 347KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

142db805dce497cc41ceeb65bce770b6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

msvcrt

Sections

.text Size: 348KB - Virtual size: 347KB

.data Size: 1024B - Virtual size: 644B

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 348KB - Virtual size: 347KB

.data
Size: 1024B - Virtual size: 644B

.rsrc
Size: 5KB - Virtual size: 5KB