6f3186442d8cb11f33afe843c3a74716b8c133ed9cb7537741212c4eb608e578

General

Target

6f3186442d8cb11f33afe843c3a74716b8c133ed9cb7537741212c4eb608e578
Size

775KB
MD5

84a1419d84c2a7c238cfefc7df745d20
SHA1

91d5d3b9f63e77f320e83a38ceab054cadc29274
SHA256

6f3186442d8cb11f33afe843c3a74716b8c133ed9cb7537741212c4eb608e578
SHA512

21d0a9fffb4fc9b2d004c6e862eaa2ed55f7b43fa1183636c63c5e38c1627b6f7f789ef67e0c59462d6b9ad4c39855c3604bff70879f9c1f3eeee1bcd44e5a54
SSDEEP

24576:CWoNFpyY9ZXoNY7NX+Ke7UXP4MX1Smhu/9OsIgX:CWoNFpyIXKY7N0kA+VA/

Score

N/A

Malware Config

Signatures

Files

6f3186442d8cb11f33afe843c3a74716b8c133ed9cb7537741212c4eb608e578
.exe windows x86

ea32049b458fd2c159a8a292cb3959f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

IsDebuggerPresent
CloseHandle
SuspendThread
GetFileAttributesA
lstrcpyW
SetEvent
GetStartupInfoA
HeapCreate
GetModuleHandleA
WriteConsoleW
lstrlenW
WriteConsoleW
DisconnectNamedPipe
GetLastError
GetStdHandle
GetPriorityClass
GetCurrentDirectoryA
CopyFileW
ClearCommBreak
CreatePipe
WriteConsoleW

msftedit

SetCustomTextOutHandlerEx
RichComboBoxWndProc
RichEditWndProc
RichListBoxWndProc

shell32

SHGetDiskFreeSpaceA
DragAcceptFiles
StrChrA
DuplicateIcon
ShellMessageBoxA
SHGetSettings
DllUnregisterServer
ShellAboutA
SHFree
ExtractIconA
DragQueryFileA
SHGetMalloc
DragFinish

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 766KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impdata
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ea32049b458fd2c159a8a292cb3959f6

Headers

File Characteristics

Imports

kernel32

msftedit

shell32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 8KB

.data Size: 1024B - Virtual size: 752B

.rsrc Size: 766KB - Virtual size: 2.1MB

.rdata Size: 512B - Virtual size: 132B

.impdata Size: 512B - Virtual size: 80B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 8KB

.data
Size: 1024B - Virtual size: 752B

.rsrc
Size: 766KB - Virtual size: 2.1MB

.rdata
Size: 512B - Virtual size: 132B

.impdata
Size: 512B - Virtual size: 80B