6a558ad8035f582d3a62090b7eb98960182c499cddf43f36c1f7365c8eac50c2

General

Target

6a558ad8035f582d3a62090b7eb98960182c499cddf43f36c1f7365c8eac50c2
Size

178KB
MD5

846b8d3c62dd4cf663d83dc01bb9052f
SHA1

5ae688a3431fb752786f1347be8108e9c833e16c
SHA256

6a558ad8035f582d3a62090b7eb98960182c499cddf43f36c1f7365c8eac50c2
SHA512

3e982162ace95434ea76bd98a77e6d6b6ab24a9526e473f56d2d831b499916aa71bacd873389d99c9e836aa232790399278bbbc4f63cbde32f19c443c26e0d4d
SSDEEP

3072:Rr+MERNQCfGqT4Kz/cDSDZbw43dWteTSOHbak8u6ihUjs1tKkq9apJ8ozcp:RqQRQ4Kz/cDSDZbwKWg3HrB6FcH38

Score

N/A

Malware Config

Signatures

Files

6a558ad8035f582d3a62090b7eb98960182c499cddf43f36c1f7365c8eac50c2
.exe windows x86

dba77aa4a3c3ffe080529ad1d74568da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderLocation
SHCreateDirectoryExW
CommandLineToArgvW

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

gdi32

ArcTo
PolyDraw

kernel32

VirtualProtect
lstrlenW
VirtualFree
VirtualAlloc
ExitProcess
FindFirstFileW
FindNextFileW
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFullPathNameW
GetModuleHandleA
GetProcAddress
InterlockedExchange
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter

user32

MessageBoxW
IsWindow

msvcrt

_XcptFilter
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_controlfp
_exit
_initterm
_ismbblead
_wcsdup
_wcslwr
exit
free
memset
printf
wcsstr
wprintf

Exports

Exports

AAuxDecode
CchFileTimeToDateTimeW
CreateSystemHandleName
HrFillRasCombo
HrGetBodyElement
HrGetStyleSheet
HrIsStreamUnicode
IsHttpUrlA
PrepareUpdate
PszSkipWhiteW
RicheditStreamIn
StrTokEx

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dba77aa4a3c3ffe080529ad1d74568da

Headers

DLL Characteristics

File Characteristics

Imports

shell32

advapi32

gdi32

kernel32

user32

msvcrt

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 100KB - Virtual size: 99KB

.data Size: 19KB - Virtual size: 19KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 100KB - Virtual size: 99KB

.data
Size: 19KB - Virtual size: 19KB

.rsrc
Size: 1KB - Virtual size: 1KB