6a5fd488a7c7628403a14612440fd06a547c6e5cf048c296e952d2144e5b1cdb

Sharing

Copy URL Twitter E-mail

General

Target

6a5fd488a7c7628403a14612440fd06a547c6e5cf048c296e952d2144e5b1cdb
Size

236KB
MD5

77d097c9430e5435797f15ac41e2bf30
SHA1

4c4dea06c9028b8268dc9f93e8c62d31d958aaf3
SHA256

6a5fd488a7c7628403a14612440fd06a547c6e5cf048c296e952d2144e5b1cdb
SHA512

c372bb22aed5b29ece4b654f5d3b0fef95afda33f53396eab82e25ca4730e14ea9c09ea9967c3b599f948922ad584cfa2a371024aa624ade06d4a26fd400ca1e
SSDEEP

3072:3ydtSlowkJ3Uj7xsSmJIpu3mydWR42ELGyLZT:CQkQxeIp/yb20Gyh

Score

N/A

Malware Config

Signatures

Files

6a5fd488a7c7628403a14612440fd06a547c6e5cf048c296e952d2144e5b1cdb
.exe windows x86

eec2df712c6f3e0acc663d43ebfca635

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
HeapAlloc
GetProcessHeap
VirtualAlloc
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
FreeLibrary
ExitProcess
LocalAlloc
LocalFree
GetLastError
OutputDebugStringA
GetCurrentProcess
GetModuleFileNameA
lstrcmpA
lstrcpynA
RaiseException
InterlockedExchange

user32

MessageBoxA
wsprintfA

msvcrt

??3@YAXPAX@Z
__CxxFrameHandler
_CxxThrowException
memcpy
memset
realloc
free
??2@YAPAXI@Z
strlen
??1type_info@@UAE@XZ
_stricmp

userenv

CreateEnvironmentBlock

setupapi

SetupDiGetClassDevsA
SetupDiGetDeviceRegistryPropertyA
SetupDiGetDeviceInstallParamsA
SetupDiCallClassInstaller
SetupDiSetClassInstallParamsA
SetupDiEnumDeviceInfo
CM_Get_DevNode_Status
SetupDiDestroyDeviceInfoList

Exports

Exports

CreateObject
InitLibs
bbs

Sections

.code
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGE
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 176KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eec2df712c6f3e0acc663d43ebfca635

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

userenv

setupapi

Exports

Exports

Sections

.code Size: 8KB - Virtual size: 6KB

.text Size: 16KB - Virtual size: 13KB

PAGE Size: 8KB - Virtual size: 7KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 176KB - Virtual size: 178KB

.idata Size: 4KB - Virtual size: 2KB

.didat Size: 4KB - Virtual size: 1KB

.rsrc Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 1KB

.code
Size: 8KB - Virtual size: 6KB

.text
Size: 16KB - Virtual size: 13KB

PAGE
Size: 8KB - Virtual size: 7KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 176KB - Virtual size: 178KB

.idata
Size: 4KB - Virtual size: 2KB

.didat
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 1KB