6fa5230b36533368320c3d3448b923d9b70654b5a096d2726b4d16eb0cc53b64

Sharing

Copy URL Twitter E-mail

General

Target

6fa5230b36533368320c3d3448b923d9b70654b5a096d2726b4d16eb0cc53b64
Size

420KB
MD5

9eab89715a83596b28a8b9d005e9a85c
SHA1

4ba3620434489a0b536c0c0cef32223e84f0ff10
SHA256

6fa5230b36533368320c3d3448b923d9b70654b5a096d2726b4d16eb0cc53b64
SHA512

334e6a6eb01af16509ac9a20072256236ed3b06730f5e197ee0ba4b2f3cebacdd1b86297f49b6dfac54af71c973afc19613f3da1b17abbe97cdf520a59f1cedd
SSDEEP

6144:aXXD7eohZIiGlAOAM53UVIA0PRAzbxG+fZoMpzZ9BiWwi/b/33GPK:amohiiGlmMpUiAqRKbx7B1dZjbwiLEK

Score

N/A

Malware Config

Signatures

Files

6fa5230b36533368320c3d3448b923d9b70654b5a096d2726b4d16eb0cc53b64
.exe windows x86

f9662878e234ac42e175a11555b0f3fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

WindowFromPoint
WinHelpA
WaitMessage
UpdateWindow
UnregisterClassA
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TrackPopupMenu
SystemParametersInfoA
ShowWindow
ShowScrollBar
ShowOwnedPopups
ShowCursor
SetWindowsHookExA
SetWindowPos
SetWindowPlacement
SetWindowLongA
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetRect
SetPropA
SetMenuItemInfoA
SetMenu
SetForegroundWindow
SetFocus
SetCursor
SetClassLongA
SetCapture
SetActiveWindow
SendMessageA
ScrollWindow
ScreenToClient
RemovePropA
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageA
RegisterClipboardFormatA
RegisterClassA
RedrawWindow
GetMenuItemCount
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextA
GetIconInfo
GetForegroundWindow
GetFocus
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClipboardData
GetClientRect
GetClassNameA
GetClassInfoA
GetCapture
GetActiveWindow
FrameRect
FindWindowA
FillRect
EqualRect
EnumWindows
EnumThreadWindows
EndPaint
EnableWindow
EnableScrollBar
EnableMenuItem
DrawTextA
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawEdge
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcA
DefMDIChildProcA
DefFrameProcA
CreateWindowExA
CreatePopupMenu
CreateMenu
CreateIcon
ClientToScreen
CheckMenuItem
CallWindowProcA
CallNextHookEx
BeginPaint
CharLowerBuffA
CharLowerA
AdjustWindowRectEx
ActivateKeyboardLayout
GetKeyboardType
LoadStringA
MessageBoxA
CharNextA
IsWindowVisible
IsWindowUnicode
IsZoomed
TabbedTextOutA
IsHungAppWindow
CheckRadioButton

shell32

ShellExecuteExW
SHGetDesktopFolder
ShellExecuteW
SHGetMalloc

advapi32

RegEnumValueW
QueryServiceStatus
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RevertToSelf
RegQueryValueW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegEnumKeyExA
RegEnumKeyW
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
RegDeleteKeyW
RegDeleteValueW
OpenSCManagerW

gdi32

SetTextAlign
CreateBrushIndirect

kernel32

InterlockedIncrement
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
IsDebuggerPresent
SetHandleCount
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetModuleFileNameA
WriteFile
GetProcAddress
GetModuleHandleW
HeapCreate
VirtualAlloc
VirtualFree
DeleteCriticalSection
GetStartupInfoA
GetCommandLineA
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
LocalAlloc
GetModuleHandleA
GetCPInfo
GetOEMCP
IsValidCodePage
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
ReadFile
WaitForMultipleObjects
ResetEvent
SetEvent
CreateDirectoryW
RemoveDirectoryW
FindClose
FindNextFileW
FindFirstFileW
FileTimeToSystemTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetCurrentThreadId
InitializeCriticalSection
lstrlenA
GetLastError
lstrcpynW
lstrlenW
GetFullPathNameW
GetFileAttributesW
SetLastError
WideCharToMultiByte
MultiByteToWideChar
Sleep
TerminateThread
CreateMutexW
GetCurrentProcess
GetExitCodeProcess
FindResourceW
LoadResource
SizeofResource
WritePrivateProfileStringW
GetPrivateProfileIntW
GetCurrentProcessId
GetTickCount
WaitForSingleObject
SwitchToThread
GlobalFindAtomW
GetVolumeInformationW
LockFile
UnlockFile
GetThreadLocale
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
GlobalFlags
CompareStringW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetFileAttributesExW
GetCommandLineW
HeapFree
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
LoadLibraryA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetFilePointer
SetStdHandle
GetLocaleInfoA
CreateFileA
CloseHandle
LCMapStringA
GetStringTypeA
GetStringTypeW
CompareStringA
SetEnvironmentVariableA
GetCurrentThread
GlobalLock
GetOverlappedResult
EnumResourceNamesW
CreateSemaphoreW
LCMapStringW
LockResource
PeekNamedPipe
HeapReAlloc
RaiseException
ExitProcess
RtlUnwind
IsProcessorFeaturePresent
GetACP
GetModuleHandleExW
HeapSize
VirtualProtect
VirtualQuery
GetStdHandle
GetProcessHeap
FormatMessageW
HeapAlloc
GlobalAlloc
GlobalUnlock
GlobalFree
MulDiv
GetFileType

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9662878e234ac42e175a11555b0f3fe

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

advapi32

gdi32

kernel32

Sections

.text Size: 104KB - Virtual size: 104KB

.rdata Size: 109KB - Virtual size: 108KB

.data Size: 16KB - Virtual size: 135KB

.rsrc Size: 188KB - Virtual size: 188KB

.text
Size: 104KB - Virtual size: 104KB

.rdata
Size: 109KB - Virtual size: 108KB

.data
Size: 16KB - Virtual size: 135KB

.rsrc
Size: 188KB - Virtual size: 188KB