6a137d0253e68bd1f6ecb628212b86eb55af69e01f105623bb72d9568c4db91e

Sharing

Copy URL Twitter E-mail

General

Target

6a137d0253e68bd1f6ecb628212b86eb55af69e01f105623bb72d9568c4db91e
Size

460KB
MD5

92d0f4fc1ae39837de6a6c6bb41913bb
SHA1

539743a86e834714ae057e3b408dd5dca1199781
SHA256

6a137d0253e68bd1f6ecb628212b86eb55af69e01f105623bb72d9568c4db91e
SHA512

b563e5ca011c9bc19196df51782d3289f6ba102479946c686e69b81bd70d92a53c09ed8da7fd46e10d2bf47deb6f88c6eb761cf96cc2f2e9b8d2d8fe2f2a28d2
SSDEEP

6144:3ZlSkPb6o/nNVS8kzNpT1d6nEIF3HYAaCfDy:jtD6o/nCV/r6nESYyDy

Score

N/A

Malware Config

Signatures

Files

6a137d0253e68bd1f6ecb628212b86eb55af69e01f105623bb72d9568c4db91e
.exe windows x86

aa6e94dfc7e4e00bf8f5ae4cb5522b8c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord2576
ord3649
ord6266
ord2430
ord2447
ord1637
ord823
ord2550
ord6211
ord2078
ord6051
ord1768
ord5286
ord3397
ord4418
ord3716
ord3566
ord567
ord1634
ord1143
ord4294
ord3087
ord6868
ord1761
ord6193
ord6376
ord6374
ord641
ord2505
ord293
ord1165
ord3785
ord3701
ord4667
ord4269
ord4480
ord2546
ord2504
ord5727
ord3917
ord1089
ord5193
ord2388
ord3341
ord5296
ord5298
ord4074
ord4692
ord5303
ord5285
ord5710
ord4616
ord3733
ord561
ord815
ord2613
ord4154
ord6113
ord4155
ord2717
ord2858
ord755
ord470
ord4270
ord1172
ord613
ord289
ord2438
ord5755
ord6188
ord5752
ord6182
ord4324
ord6185
ord6168
ord5869
ord5785
ord5790
ord5674
ord5732
ord5575
ord5567
ord4215
ord5860
ord3591
ord640
ord2397
ord2746
ord6190
ord6017
ord5781
ord1633
ord323
ord4279
ord535
ord5977
ord3084
ord6451
ord324
ord4229
ord4704
ord6871
ord3792
ord5276
ord4282
ord2836
ord3568
ord538
ord5871
ord6195
ord3614
ord6654
ord4273
ord2755
ord2854
ord283
ord2099
ord2706
ord5446
ord5436
ord6379
ord6390
ord1941
ord818
ord4118
ord2372
ord1088
ord2114
ord556
ord5257
ord1720
ord5059
ord3744
ord6372
ord2047
ord2640
ord4435
ord4831
ord3793
ord4347
ord6370
ord5157
ord2377
ord5237
ord4401
ord1767
ord4073
ord6048
ord2506
ord4992
ord4847
ord4370
ord5261
ord825
ord2810
ord2406
ord795
ord3658
ord3621
ord2371
ord2859
ord2294
ord3592
ord4419
ord4621
ord4075
ord3074
ord3820
ord3826
ord3825
ord2971
ord3076
ord2980
ord3257
ord3131
ord4459
ord3254
ord3142
ord2977
ord5273
ord6057
ord2116
ord540
ord1137
ord6278
ord6279
ord800
ord2966
ord2910
ord1569

msvcrt

swprintf
_wsplitpath
wcscpy
__CxxFrameHandler
wcscat
vswprintf
_wtoi
_ftol
wcscmp
_wcsicmp
wcsrchr
_winmajor
_strnicmp
_exit
_XcptFilter
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
_controlfp
wcslen

kernel32

GetModuleHandleW
SetEvent
Sleep
CreateEventW
LoadLibraryW
GetProcAddress
FreeLibrary
CreateMutexW
GetLastError
ReleaseMutex
GetCurrentThreadId
WritePrivateProfileStringW
GetPrivateProfileIntW
GetTickCount
OutputDebugStringW
GetModuleFileNameW
GetPrivateProfileStringW
GetStartupInfoW

user32

PtInRect
FillRect
ReleaseDC
GetDC
GetAsyncKeyState
SetRect
CopyRect
GetMonitorInfoW
AppendMenuW
GetClientRect
GetParent
EnableWindow
KillTimer
SetTimer
GetWindowRect
IsZoomed
DrawTextW
GetWindowLongW
GetKeyState
LoadImageW
SetCapture
ReleaseCapture
InvalidateRect
GetSystemMetrics
DrawIcon
GetSystemMenu
LoadIconW
FindWindowW
IsIconic
ShowWindow
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
SetWindowRgn
LoadCursorW
GrayStringW
SetCursor
SystemParametersInfoW
PostMessageW
LoadBitmapW
TabbedTextOutW
SetWindowLongW
SendMessageW
MonitorFromWindow
CreatePopupMenu

gdi32

CreateCompatibleDC
GetObjectW
GetPixel
CreateBitmap
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
LPtoDP
SetBrushOrgEx
UnrealizeObject
CreatePatternBrush
CreateFontW
GetTextExtentPoint32W
StretchBlt
CreateCompatibleBitmap
GetMapMode
DPtoLP
GetBkColor
CreateRoundRectRgn
CreateRectRgn
BitBlt

comdlg32

GetOpenFileNameW

advapi32

RegCreateKeyW
RegSetValueExW
RegCloseKey

shell32

DragQueryFileW

comctl32

_TrackMouseEvent

ole32

CoCreateInstance

gdiplus

GdiplusShutdown
GdiplusStartup

d3d9

Direct3DCreate9

shlwapi

PathFileExistsW

winmm

sndPlaySoundW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 292KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rrdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

aa6e94dfc7e4e00bf8f5ae4cb5522b8c

Headers

File Characteristics

Imports

mfc42u

msvcrt

kernel32

user32

gdi32

comdlg32

advapi32

shell32

comctl32

ole32

gdiplus

d3d9

shlwapi

winmm

version

Sections

.text Size: 64KB - Virtual size: 62KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 292KB - Virtual size: 290KB

.rrdata Size: 72KB - Virtual size: 72KB

.text
Size: 64KB - Virtual size: 62KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 292KB - Virtual size: 290KB

.rrdata
Size: 72KB - Virtual size: 72KB