b6dea7e6e111f2dfe66068da9362b96df05e824bac1c47abeae68a6f98d3a7d9

Sharing

Copy URL Twitter E-mail

General

Target

b6dea7e6e111f2dfe66068da9362b96df05e824bac1c47abeae68a6f98d3a7d9
Size

213KB
MD5

1107cdd801f8689e7168e26f23a18e86
SHA1

18ae80d138b980d3c0cef4ad7e7003f2fbfa894a
SHA256

b6dea7e6e111f2dfe66068da9362b96df05e824bac1c47abeae68a6f98d3a7d9
SHA512

4b9ea78a615ed65eedd7494aa433ef1c98971674054f777cf7fb725b440ac906f08cbb8d971e98e980f6280cee9880b1bf9d95678cceeb1f03146fc696ecdf1b
SSDEEP

6144:sZrKDpA2Pm/C5ThZQ/6Evd1vkt8W0k5vy+vQ9u26HhTUPF:sZrKDK2Pm/QhZQ/6IH8t8+xdoQ2Zt

Score

N/A

Malware Config

Signatures

Files

b6dea7e6e111f2dfe66068da9362b96df05e824bac1c47abeae68a6f98d3a7d9
.exe windows x86

64dff3be869487be7c0b887cf8dfc8ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
calloc
memcmp
memcpy
_beginthreadex
_strupr
wcscpy
atoi
wcstombs
wcslen
mbstowcs
strncat
vsprintf
__setusermatherr
fopen
fwrite
fclose
strrchr
malloc
_ftol
memmove
strcmp
__CxxFrameHandler
_CxxThrowException
strcpy
_except_handler3
rand
_access
??2@YAPAXI@Z
??3@YAXPAX@Z
strcat
free
strlen
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
exit
memset

kernel32

FreeLibrary
LocalAlloc
InterlockedExchange
WideCharToMultiByte
LocalFree
GetLastError
GetStartupInfoA
GetModuleHandleA
lstrlenA
MultiByteToWideChar
RaiseException
InterlockedDecrement
MoveFileA
GetFileSize
VirtualAlloc
ReadFile
CloseHandle
FindFirstFileA
WriteFile
FindClose
Sleep
LoadLibraryA
GetProcAddress

user32

IsWindow
SendMessageA
CreateWindowExA

advapi32

RegCloseKey
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumValueA

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z

ole32

CLSIDFromProgID
CLSIDFromString
OleRun
CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

VariantClear
SysAllocString
SysFreeString
GetErrorInfo

msvfw32

ICSendMessage

Sections

.text
Size: 129KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

NewSec
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

NewSec
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

64dff3be869487be7c0b887cf8dfc8ee

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

msvcp60

ole32

oleaut32

msvfw32

Sections

.text Size: 129KB - Virtual size: 132KB

.rdata Size: 12KB - Virtual size: 16KB

.data Size: 28KB - Virtual size: 56KB

.rsrc Size: 33KB - Virtual size: 36KB

NewSec Size: 4KB - Virtual size: 4KB

NewSec Size: 4KB - Virtual size: 4KB

.text
Size: 129KB - Virtual size: 132KB

.rdata
Size: 12KB - Virtual size: 16KB

.data
Size: 28KB - Virtual size: 56KB

.rsrc
Size: 33KB - Virtual size: 36KB

NewSec
Size: 4KB - Virtual size: 4KB

NewSec
Size: 4KB - Virtual size: 4KB