6d5e67165509b424b99cea59e492455548e86f27c14e3eadecfe038672ecd3fe

Sharing

Copy URL Twitter E-mail

General

Target

6d5e67165509b424b99cea59e492455548e86f27c14e3eadecfe038672ecd3fe
Size

57KB
MD5

93ba9510bdd753039a9ebda89a56fe3e
SHA1

611143fd8e7ffc2715fe234d6b6f612971f69ea1
SHA256

6d5e67165509b424b99cea59e492455548e86f27c14e3eadecfe038672ecd3fe
SHA512

a1c9f885b296933d3028278680ad515f2c987eaadec552095112045672d82256225aebd2a5ba2ea55dbd919af7c97a4ff97e44406990bfee60bc348d1e1bd694
SSDEEP

768:uR7sqAeF22vFymA+RZ2m6tkiwaPTs6urA9a7e0pLYdIuV2R18KoCqJxUCtGxdrKO:uRoP2v8a6KxKokg7TLYay2RmKxOhGfe

Score

N/A

Malware Config

Signatures

Files

6d5e67165509b424b99cea59e492455548e86f27c14e3eadecfe038672ecd3fe
.exe windows x86

0925ec88bf684360986da81569f333f9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
_vsnwprintf

advapi32

SetSecurityDescriptorOwner
RegSetKeySecurity
RegDeleteKeyW
InitializeAcl
AddAccessAllowedAce
GetAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
GetSecurityDescriptorLength
MakeSelfRelativeSD
LookupPrivilegeValueW
AdjustTokenPrivileges
FreeSid
GetTokenInformation
IsValidSid
GetLengthSid
CopySid
OpenThreadToken
OpenProcessToken
RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegCreateKeyExW
RegDeleteValueW
AllocateAndInitializeSid
EqualSid
GetSecurityDescriptorOwner
RegGetKeySecurity

kernel32

GetLastError
GetCurrentProcess
GetCurrentThread
ReadFile
GetTickCount
RemoveDirectoryW
DeleteFileW
GetVersionExA
QueryPerformanceCounter
GetCurrentThreadId
GetProcessHeap
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleA
GetStartupInfoA
lstrcpynW
HeapAlloc
lstrcpyW
HeapFree
lstrcatW
GetWindowsDirectoryW
WriteFile
lstrlenW
CreateFileW
CloseHandle
GetTempFileNameW
GetTempPathW
CompareStringW
lstrcmpW

user32

CharPrevW
CharNextW
wsprintfW

msi

ord8
ord116
ord160
ord163
ord121
ord125
ord17
ord159
ord32
ord92
ord119
ord118
ord150
ord78

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0925ec88bf684360986da81569f333f9

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

user32

msi

Sections

.text Size: 37KB - Virtual size: 37KB

.data Size: 512B - Virtual size: 32KB

.rsrc Size: 18KB - Virtual size: 21KB

.text
Size: 37KB - Virtual size: 37KB

.data
Size: 512B - Virtual size: 32KB

.rsrc
Size: 18KB - Virtual size: 21KB