6bce8ca1bb99a1abd1fd324d76665d43ca651c2f9dc9fddb6a13b5795de12814

Sharing

Copy URL Twitter E-mail

General

Target

6bce8ca1bb99a1abd1fd324d76665d43ca651c2f9dc9fddb6a13b5795de12814
Size

97KB
MD5

92d46fbc490123470f88fb64c5189021
SHA1

0bf755147ebbb850d4bae661b9f20045cee9bcd8
SHA256

6bce8ca1bb99a1abd1fd324d76665d43ca651c2f9dc9fddb6a13b5795de12814
SHA512

a720d45ef01181d9e4edb024c2c464d4443daf73000e1897f68ecf7866189bee5021caa280948ad9d141681f602ed418621c6b955da831476149f38ae3c122b4
SSDEEP

3072:rBsY2zj7p/HgZk9zFsufIOTiHgobnbMb2o:FsNzjkCzFsGaYT

Score

N/A

Malware Config

Signatures

Files

6bce8ca1bb99a1abd1fd324d76665d43ca651c2f9dc9fddb6a13b5795de12814
.exe windows x86

31a275c606af8103b3b75cbfd98f56a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
GetSystemDirectoryA
Sleep
SetFileAttributesA
LoadLibraryA
GetVersionExA
FindNextFileA
WriteFile
SetFileTime
GetFileTime
FindClose
GetCommandLineA
GetCurrentProcessId
MoveFileA
MoveFileExA
CopyFileA
CreateDirectoryA
GetSystemTime
GetWindowsDirectoryA
GetProcAddress
FreeLibrary
LocalFree
DeleteFileA
FormatMessageA
LeaveCriticalSection
GetModuleFileNameA
EnterCriticalSection
CreateThread
ResetEvent
WaitForMultipleObjects
WaitForSingleObject
SetEvent
CloseHandle
DeleteCriticalSection
GetLastError
CreateEventA
CreateFileA
MultiByteToWideChar
InitializeCriticalSection
GetTimeZoneInformation
GetLocalTime
VirtualAlloc
SetHandleCount
GetStringTypeW
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
CompareStringW
CompareStringA
LCMapStringW
SetEnvironmentVariableA
GetStringTypeA
VirtualFree
FreeEnvironmentStringsA
LCMapStringA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
CreateProcessA
GetExitCodeProcess
GetFileAttributesA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
WideCharToMultiByte
HeapSize
HeapFree
GetCurrentProcess
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
RtlUnwind
ExitProcess
TerminateProcess
SetFilePointer
ReadFile
GetModuleHandleA
GetStartupInfoA
GetVersion
HeapAlloc
HeapReAlloc

user32

FindWindowA
SetWindowPos
MessageBoxA
GetForegroundWindow
SetForegroundWindow
IsWindowVisible

advapi32

ControlService
DeleteService
OpenServiceA
CreateServiceA
CloseServiceHandle
OpenSCManagerA
RegisterServiceCtrlHandlerA
RegOpenKeyExA
SetServiceStatus
RegCloseKey
StartServiceCtrlDispatcherA
RegQueryValueExA
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegEnumValueA
RegCreateKeyA
RegEnumKeyExA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysFreeString
SysAllocString

wininet

InternetReadFile
HttpQueryInfoA
InternetGetConnectedState
InternetOpenUrlA
InternetSetOptionA
InternetCloseHandle
InternetOpenA

wsock32

gethostbyname
WSACleanup
gethostname
WSAStartup

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31a275c606af8103b3b75cbfd98f56a9

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

wininet

wsock32

Sections

.text Size: 68KB - Virtual size: 64KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 41KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 68KB - Virtual size: 64KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 41KB

.rsrc
Size: 8KB - Virtual size: 5KB