f6cdd10b2ab74b918eb71d2d8743255a7c0f5b3b9c924321a712e1ee3f02c952

General

Target

f6cdd10b2ab74b918eb71d2d8743255a7c0f5b3b9c924321a712e1ee3f02c952
Size

136KB
MD5

a28464188ebc814f73f33604eaaf3e11
SHA1

68fb6f1f4620e65840e98a3d034812e3adc1cf7c
SHA256

f6cdd10b2ab74b918eb71d2d8743255a7c0f5b3b9c924321a712e1ee3f02c952
SHA512

fc06667cffecbb8978cd023e879cea0d3ce2b27a7cf2bfd58dc5876751effd18bfba60f83ef66932ebd01c3c92ff8b47e5a2168ca8fb2f6c06f9f3938fa1f2f8
SSDEEP

3072:WwioQ7TP9JdDOkIuwde3XUZryb88DhTm0KGWWBE:x1Q7TD1OkIun3Xfpm0VB

Score

N/A

Malware Config

Signatures

Files

f6cdd10b2ab74b918eb71d2d8743255a7c0f5b3b9c924321a712e1ee3f02c952
.dll windows x86

6d211efb8bb8ba60ff39dd7d63686723

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnmapViewOfFile
OpenEventA
EnterCriticalSection
CloseHandle
GetTickCount
CreateDirectoryA
CopyFileA
MapViewOfFile
LocalFree
InterlockedDecrement
CreateProcessA
lstrlenW
GetModuleFileNameA
WaitForSingleObject
GetLastError
lstrlenA
CreateEventA
ReleaseMutex
LeaveCriticalSection
InterlockedCompareExchange
SetLastError
GetModuleHandleA
GetCommandLineA
LoadLibraryA
ExitProcess
Sleep
GetProcAddress
InterlockedIncrement

ole32

CoCreateGuid
CreateBindCtx
OleSetContainedObject
CoInitialize
CoUninitialize
OleCreate

user32

DestroyWindow
GetMessageA
TranslateMessage
GetParent
GetClassNameA
PostMessageA
PostQuitMessage
KillTimer
CreateWindowExA
RegisterWindowMessageA
SetWindowLongA
GetWindowLongA
DispatchMessageA
SetTimer
GetSystemMetrics
SendMessageA
FindWindowA
DefWindowProcA

oleaut32

SysFreeString
SysAllocStringLen
SysAllocString

advapi32

RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey

Exports

Exports

QuickMapAgent

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d211efb8bb8ba60ff39dd7d63686723

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

advapi32

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 112KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 116KB - Virtual size: 112KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 3KB