6694f102a550ab2e45ae5380fdcd7a5b29341c79492d130a3663116ae5a1d561

Sharing

Copy URL Twitter E-mail

General

Target

6694f102a550ab2e45ae5380fdcd7a5b29341c79492d130a3663116ae5a1d561
Size

920KB
MD5

754d5598187a348e1809344deb8abf60
SHA1

bde8b7fccb6c7efe8c08021e4eb5cfda4e7e3a3f
SHA256

6694f102a550ab2e45ae5380fdcd7a5b29341c79492d130a3663116ae5a1d561
SHA512

660b149f4dcecc259a6de1f3a657c1784cbb526f5d9c24a58ef5f25a9499fe98a847d3b2ae6fbed2dc9c4e8b120aa3616c190ce4fd67ac8d923456932435b1f3
SSDEEP

12288:iTOORwYYji9E9PPcmhnWsIIl6qdEWMX2p4IftQdMLUWT+kPcugbPaGU:KOJZ6EVPcmJWssVWMGyIfSw3T+/bPaGU

Score

N/A

Malware Config

Signatures

Files

6694f102a550ab2e45ae5380fdcd7a5b29341c79492d130a3663116ae5a1d561
.exe windows x86

4a7848367a9532d556e4894e41882e20

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

bugsplat

??1MiniDmpSender@@UAE@XZ
??0MiniDmpSender@@QAE@PBD000K@Z

kernel32

WaitForSingleObject
SetEvent
GetStdHandle
GetCurrentProcess
Sleep
GetModuleFileNameW
PeekNamedPipe
DuplicateHandle
GetCommandLineW
SetFileAttributesW
CreateDirectoryW
CreateProcessW
GetTempPathW
LoadLibraryW
MoveFileExW
DebugBreak
CreateThread
CloseHandle
OutputDebugStringA
CreatePipe
CreateEventW
SetStdHandle
GetLastError
ReadFile
CopyFileW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetEndOfFile
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetTimeZoneInformation
FlushFileBuffers
GetConsoleMode
GetConsoleCP
CreateFileA
GetFileAttributesA
SetEnvironmentVariableW
SetEnvironmentVariableA
GetStringTypeW
GetStringTypeA
CompareStringW
CompareStringA
VirtualAlloc
GetCurrentProcessId
GetTickCount
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FormatMessageW
WriteFile
GetCurrentDirectoryW
LocalFree
FindResourceW
LoadResource
LockResource
GetModuleHandleExW
SizeofResource
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
ResetEvent
WaitForMultipleObjects
Process32FirstW
Process32NextW
TerminateThread
CreateFileW
QueryInformationJobObject
ReleaseMutex
CreateMutexW
VerSetConditionMask
AssignProcessToJobObject
GetExitCodeThread
CreateJobObjectW
ResumeThread
GetExitCodeProcess
SetHandleInformation
VerifyVersionInfoW
CreateToolhelp32Snapshot
MoveFileW
DeleteFileW
GetFileAttributesW
RemoveDirectoryW
SetFilePointer
OutputDebugStringW
FreeLibrary
FormatMessageA
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GetModuleHandleA
QueryPerformanceCounter
QueryPerformanceFrequency
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
HeapReAlloc
RtlUnwind
ExitProcess
MultiByteToWideChar
CreateProcessA
DeleteFileA
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
InterlockedIncrement
InterlockedDecrement
MoveFileA
RaiseException
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapSize
SetHandleCount
DeleteCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
WideCharToMultiByte
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
VirtualQuery

user32

PostQuitMessage
DestroyWindow
DialogBoxParamW
SendMessageW
PeekMessageW
MessageBoxA
GetDlgItem
GetMessageW
TranslateMessage
IsDialogMessageW
DispatchMessageW
MessageBoxW
GetSystemMetrics
GetDesktopWindow
SetWindowPos
GetWindowRect
SetWindowTextW
EndDialog
EnableWindow
ShowWindow
CreateDialogParamW
LoadIconW

ole32

CoCreateInstance
CoInitialize
CoUninitialize
CoCreateGuid

shlwapi

SHCopyKeyW
PathCombineW
PathCanonicalizeW
PathFindFileNameW
PathIsRelativeW
PathAddBackslashW
PathRemoveFileSpecW
SHDeleteKeyW

msi

ord141
ord16
ord70
ord88
ord113

advapi32

RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegSetValueExW
RegDeleteValueW
RegQueryInfoKeyW
RegCloseKey

shell32

SHFileOperationW
SHGetSpecialFolderPathW

oleaut32

SysAllocString
SysFreeString
SysStringLen

Sections

.text
Size: 668KB - Virtual size: 667KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 160KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a7848367a9532d556e4894e41882e20

Headers

File Characteristics

Imports

comctl32

bugsplat

kernel32

user32

ole32

shlwapi

msi

advapi32

shell32

oleaut32

Sections

.text Size: 668KB - Virtual size: 667KB

.rdata Size: 160KB - Virtual size: 156KB

.data Size: 24KB - Virtual size: 29KB

.rsrc Size: 64KB - Virtual size: 62KB

.text
Size: 668KB - Virtual size: 667KB

.rdata
Size: 160KB - Virtual size: 156KB

.data
Size: 24KB - Virtual size: 29KB

.rsrc
Size: 64KB - Virtual size: 62KB