6e238c04a1a8df52806cd425924e02ea75ead38bbc3255b8df9edca3d3b96dab

Sharing

Copy URL Twitter E-mail

General

Target

6e238c04a1a8df52806cd425924e02ea75ead38bbc3255b8df9edca3d3b96dab
Size

145KB
MD5

924744970731ea3bb9fd70665b5a86e0
SHA1

b579f88e0436d5177ecd3e6dc45b28abf3afa598
SHA256

6e238c04a1a8df52806cd425924e02ea75ead38bbc3255b8df9edca3d3b96dab
SHA512

aa378231330bbd926fb41c0772425f4ffdc38783342a7d3f1a385f42ebef35a27dc2bbe600e86dbc92e7c9b8f16199fda5a7f6e21ce396dbd41cc6881dddd4ba
SSDEEP

3072:CYyNotilsyzpyNM42zXciLIXgRUkCdqmgfrkDc:3P4yNMyiLk+dNDkA

Score

N/A

Malware Config

Signatures

Files

6e238c04a1a8df52806cd425924e02ea75ead38bbc3255b8df9edca3d3b96dab
.exe windows x86

a9768c83dd27414ff7d50d28d2ef051f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessW
GetFileAttributesW
MultiByteToWideChar
GetPrivateProfileIntW
CreateToolhelp32Snapshot
GetPrivateProfileStringW
SetConsoleCtrlHandler
SetStdHandle
Process32FirstW
Process32NextW
CloseHandle
Thread32First
Thread32Next
OpenProcess
WaitForSingleObject
WritePrivateProfileStringW
TerminateProcess
RtlUnwind
RaiseException
ExitProcess
GetProcAddress
GetModuleHandleA
GetCurrentProcess
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapAlloc
HeapFree
SetUnhandledExceptionFilter
HeapReAlloc
HeapSize
GetLastError
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
LCMapStringA
WideCharToMultiByte
LCMapStringW
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetFilePointer
IsBadReadPtr
IsBadCodePtr
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoA
GetCPInfo
InterlockedExchange
LoadLibraryA
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
FlushFileBuffers

user32

PostThreadMessageW

advapi32

RegOpenKeyExW
RegDeleteValueW
RegCloseKey
OpenSCManagerW
OpenServiceW
CloseServiceHandle
ControlService
RegQueryValueExW

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a9768c83dd27414ff7d50d28d2ef051f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 76KB - Virtual size: 76KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 76KB - Virtual size: 76KB