6dde6908f27074e31270635eee484756b726c270068936b3021396dcaf604e30

Sharing

Copy URL

Twitter E-mail

General

Target

6dde6908f27074e31270635eee484756b726c270068936b3021396dcaf604e30
Size

312KB
MD5

83cf7c20398745eaf3d3ee6b8f78dc60
SHA1

d37752c96053f8f26f3f329fc762289572cff170
SHA256

6dde6908f27074e31270635eee484756b726c270068936b3021396dcaf604e30
SHA512

e9d83f49c18ed62666e8d3a7000820dfcb10b2afa139e3a18fb095987fa2e68dcb2c43abebbafdbbb27450520c6d4d2416c58e94376a2a7b7488a8cc9e6bf3ad
SSDEEP

6144:omvoUsdTZQ0cWv7DUMqMkh8laMVArETBlFe7Ybzo0naGi:oHU0ZQ0fvnUMq1h84MVArET47YbPaGi

Score

N/A

Malware Config

Signatures

Files

6dde6908f27074e31270635eee484756b726c270068936b3021396dcaf604e30
.exe windows x86

8b503f92675df4ff31878cc69e4a8b7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
GetCurrentDirectoryA
CopyFileA
Sleep
DeleteFileA
SetFileAttributesA
GetShortPathNameA
WaitForSingleObject
SetEvent
CreateEventA
GetTickCount
GetFileSize
CreateFileA
GetLocalTime
ReadFile
SetFilePointerEx
AllocConsole
FreeConsole
SetFilePointer
GetStdHandle
WriteFile
GetTempFileNameA
GetTempPathA
GetCurrentThreadId
SuspendThread
ResumeThread
TlsFree
TlsGetValue
TlsSetValue
TlsAlloc
MoveFileExA
CreateThread
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
lstrlenA
LocalFree
LocalAlloc
InterlockedExchange
GetACP
GetLocaleInfoA
RaiseException
DeviceIoControl
lstrcatA
GetSystemDirectoryA
lstrcpyA
HeapReAlloc
SetLastError
GlobalAlloc
GlobalFree
GetFileInformationByHandle
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
GetLocaleInfoW
FlushFileBuffers
IsBadCodePtr
IsBadReadPtr
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetSystemInfo
VirtualProtect
GetTimeZoneInformation
VirtualQuery
SetStdHandle
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
CreateMutexA
WideCharToMultiByte
GetModuleFileNameA
OutputDebugStringA
MultiByteToWideChar
TerminateProcess
GetCurrentProcess
GetLastError
LoadLibraryA
GetProcAddress
GetProcessHeap
HeapFree
HeapAlloc
OpenProcess
CloseHandle
FreeLibrary
GetVersionExA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
UnhandledExceptionFilter
GetOEMCP
HeapSize
GetCurrentProcessId
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetCPInfo
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetDateFormatA
GetTimeFormatA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
ExitProcess
RtlUnwind
InterlockedIncrement
InterlockedDecrement
PeekNamedPipe

user32

RegisterClassExA
PostThreadMessageA
PeekMessageA
IsCharAlphaNumericA
wsprintfA
CreateWindowExA
UpdateWindow
SetTimer
DefWindowProcA
FindWindowA
PostQuitMessage
KillTimer
DestroyWindow
GetMessageA
DispatchMessageA
TranslateMessage

gdi32

DeleteObject

advapi32

RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance

oleaut32

SysFreeString
SysStringLen
SysAllocString

shlwapi

SHSetValueA
PathRenameExtensionA
PathFindExtensionA
SHGetValueA
PathFileExistsA

wsock32

htons
closesocket
getsockname
inet_addr
bind
sendto
connect
WSAGetLastError
gethostbyname
ioctlsocket
accept
inet_ntoa
getpeername
recv
WSACleanup
ntohs
listen
shutdown
WSAStartup
send
socket

wininet

InternetOpenA
InternetReadFile
HttpQueryInfoA
InternetOpenUrlA
InternetSetOptionA
InternetCloseHandle

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b503f92675df4ff31878cc69e4a8b7a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

shlwapi

wsock32

wininet

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 44KB - Virtual size: 40KB

.data Size: 8KB - Virtual size: 29KB

.rsrc Size: 88KB - Virtual size: 87KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 44KB - Virtual size: 40KB

.data
Size: 8KB - Virtual size: 29KB

.rsrc
Size: 88KB - Virtual size: 87KB