6edd491c388060704121265e17ed11050f23f6076b11fa3da236139282810d04

Sharing

Copy URL

Twitter E-mail

General

Target

6edd491c388060704121265e17ed11050f23f6076b11fa3da236139282810d04
Size

180KB
MD5

f63462259d9fbe411e276f137bcb74d4
SHA1

5dc4433eedfa45bfd78ce002f92bd9cd47f30d71
SHA256

6edd491c388060704121265e17ed11050f23f6076b11fa3da236139282810d04
SHA512

5590a2c49a9d7d11077c706c3f57f97e87f6cb62623667ce8bb97c5c4315dc3b2320b0c87370e02e64c92dedc72e3cfd8c5059bf42103dccc06be8db86a676d6
SSDEEP

3072:fqY3Liftb254e+k9PYzMZA42/b0+P1SzdKIrOgPM1uQuO/dNcuNM3aws:v/yiYzMZhKb0+tSzdK6OgU1UO/dNcAQC

Score

N/A

Malware Config

Signatures

Files

6edd491c388060704121265e17ed11050f23f6076b11fa3da236139282810d04
.exe windows x86

595c8e07c4166f952a61ff57a74892c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameW
LockFile
VirtualFree
GetVolumeInformationA
GetUserDefaultLangID
GlobalMemoryStatus
HeapCreate
GetProfileIntW
GetTimeZoneInformation

winmm

timeKillEvent
midiOutReset
mciGetDeviceIDW
midiInClose
waveInGetDevCapsA
mixerGetNumDevs
mixerGetControlDetailsW
waveOutMessage
mixerGetID
waveOutClose
waveOutSetVolume
auxGetVolume
midiInPrepareHeader
waveInPrepareHeader
OpenDriver
waveOutWrite
waveInOpen
mmioRenameA
waveInGetNumDevs
joySetThreshold
GetDriverModuleHandle
timeSetEvent
DrvGetModuleHandle
CloseDriver
SendDriverMessage
mciSendCommandA
mixerGetDevCapsA
mmioFlush
joyGetPos
joyGetDevCapsA
mixerGetLineControlsW
waveInAddBuffer
mciGetDeviceIDFromElementIDA
midiOutUnprepareHeader
waveOutGetErrorTextW
waveInMessage
mmioRead
midiInGetDevCapsW
midiInStop
mixerSetControlDetails
mmioWrite
waveOutGetID
waveInReset
mmioAdvance
midiOutGetDevCapsA
mmioSendMessage
midiStreamRestart
waveOutGetPlaybackRate
mixerGetLineInfoW
waveInGetErrorTextA
waveInGetDevCapsW
midiStreamPosition
sndPlaySoundW
auxGetNumDevs
mmioDescend
mmioOpenA
midiOutGetID
waveInClose
mciGetErrorStringA
waveInStart
mixerOpen
mixerGetLineControlsA
waveOutPause
mixerGetLineInfoA
midiOutClose
midiStreamPause
mixerGetControlDetailsA
mmioRenameW
waveOutReset
PlaySoundA
mmioAscend
mixerClose
waveOutGetPosition
waveInStop
mciGetYieldProc
midiInReset
mmioInstallIOProcA
waveInUnprepareHeader
midiOutGetNumDevs
mmioSetInfo
waveInGetErrorTextW
sndPlaySoundA
midiInUnprepareHeader
timeBeginPeriod
timeGetSystemTime
midiOutCacheDrumPatches
midiStreamProperty
waveOutRestart
timeGetTime
midiStreamStop
mciGetErrorStringW
mmioSeek
joyGetPosEx
midiInAddBuffer
joySetCapture
midiStreamOpen
midiOutGetVolume

gdi32

CreateFontIndirectW
PatBlt
GetEnhMetaFilePaletteEntries
GetWinMetaFileBits
GetRgnBox
GetDeviceCaps
CreateFontA
GetEnhMetaFileBits
DeleteObject
Ellipse
OffsetViewportOrgEx
SetTextCharacterExtra
DeleteEnhMetaFile
EnumFontFamiliesExW
SetWinMetaFileBits
GetCharWidthA
Rectangle
OffsetRgn
CreatePen
CloseEnhMetaFile
IntersectClipRect
CreateBitmap
GetObjectA
SetStretchBltMode
CreateEllipticRgn
DeleteDC
CopyEnhMetaFileW
GetNearestPaletteIndex
ScaleWindowExtEx
CombineRgn
GetClipBox
GetClipRgn
SetWorldTransform
SetPolyFillMode
GetGlyphOutlineW
SetViewportOrgEx
CreatePenIndirect
SetTextAlign
CreateCompatibleDC
GetObjectW
GetBrushOrgEx
GetWindowOrgEx
GetTextFaceA
PolyBezierTo
CreateDIBSection
ExtCreatePen
CreateRoundRectRgn
CreateDCW
CreateDIBPatternBrushPt
CreateDCA
SelectPalette
SetDIBColorTable
GetSystemPaletteEntries
StretchBlt
TextOutA
GetTextCharsetInfo
LPtoDP
ExtFloodFill
SetROP2
StartDocA
SaveDC

imagehlp

SymInitialize
SymGetLineNext
SearchTreeForFile
SymLoadModule
SymUnloadModule
SymSetSearchPath
MapDebugInformation
SymGetSymFromName
ImagehlpApiVersionEx
ImageEnumerateCertificates
SymGetModuleInfo
UnmapDebugInformation
ImageGetDigestStream
FindDebugInfoFile
SymGetSearchPath
UnDecorateSymbolName
SymGetSymPrev
ImagehlpApiVersion
SymRegisterCallback
SymFunctionTableAccess
ImageUnload
SymEnumerateModules
RemovePrivateCvSymbolic
SymCleanup
FindExecutableImage
MapFileAndCheckSumA
SymGetSymFromAddr
SymSetOptions
GetTimestampForLoadedLibrary
RemoveRelocations
SymGetLineFromName
ImageGetCertificateData

rasapi32

RasGetEntryPropertiesA
RasRenameEntryA
RasGetConnectStatusW
RasGetErrorStringA
RasEditPhonebookEntryW
RasCreatePhonebookEntryW
RasValidateEntryNameW
RasGetErrorStringW
RasCreatePhonebookEntryA
RasGetCountryInfoW
RasGetEntryPropertiesW
RasEnumEntriesW
RasHangUpW
RasEnumDevicesA
RasDialW

mpr

WNetGetConnectionA
WNetAddConnection2W
WNetAddConnection3A
WNetCancelConnection2A
WNetGetLastErrorW
WNetGetUserA
WNetGetConnectionW
WNetGetUserW
WNetGetNetworkInformationW
WNetAddConnection3W
MultinetGetConnectionPerformanceW
WNetEnumResourceA
WNetDisconnectDialog1W
WNetCancelConnectionA

imm32

ImmSetCompositionFontA
ImmGetDescriptionA
ImmGetConversionListW
ImmSetCandidateWindow
ImmGetCandidateListCountW
ImmGetStatusWindowPos
ImmIsIME
ImmReleaseContext
ImmGetCandidateWindow
ImmGetCandidateListCountA
ImmGetDefaultIMEWnd
ImmDestroyContext
ImmGetDescriptionW
ImmGetCompositionStringW
ImmSetOpenStatus
ImmCreateContext
ImmGetGuideLineW
ImmSimulateHotKey
ImmInstallIMEW
ImmGetCompositionWindow
ImmSetConversionStatus
ImmNotifyIME

Sections

.text
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

595c8e07c4166f952a61ff57a74892c1

Headers

File Characteristics

Imports

kernel32

winmm

gdi32

imagehlp

rasapi32

mpr

imm32

Sections

.text Size: 120KB - Virtual size: 117KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 16KB - Virtual size: 129KB

.rsrc Size: 32KB - Virtual size: 30KB

.text
Size: 120KB - Virtual size: 117KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 16KB - Virtual size: 129KB

.rsrc
Size: 32KB - Virtual size: 30KB