615603a93e0b04271bc7e854aadf79b3db80db95198cb955cb6c5ab2074e6e6f

Sharing

Copy URL Twitter E-mail

General

Target

615603a93e0b04271bc7e854aadf79b3db80db95198cb955cb6c5ab2074e6e6f
Size

829KB
MD5

09d121cafa664866c2d3d5252c882ab7
SHA1

92ff5d7a2f64c1a55e47f2dca8eea4bcedefd01a
SHA256

615603a93e0b04271bc7e854aadf79b3db80db95198cb955cb6c5ab2074e6e6f
SHA512

48c1e3faa838636ae9b1fdf520d773e9652a9688a8c6a95dd8819245039a5efcab077d8abe7560bf5f4a5467a1a334259ca629d3eefa4ccee178a8aed1f67cbf
SSDEEP

24576:IM2+0ir5AEw8jMC6mTKTwRTZ1RRTo6XdOu:I00y536mTKmV1RRToXu

Score

N/A

Malware Config

Signatures

Files

615603a93e0b04271bc7e854aadf79b3db80db95198cb955cb6c5ab2074e6e6f
.exe windows x86

68de63c1b98457527683107e3304b12d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetStartupInfoA
RtlUnwind
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
HeapSize
FreeLibrary
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapAlloc
RaiseException
MultiByteToWideChar
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
ReadFile
LoadResource
LockResource
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesA
FindResourceA
SizeofResource
CreateThread
SuspendThread
ResumeThread
GetPrivateProfileStringA
CreateDirectoryA
RemoveDirectoryA
FindFirstFileA
DeleteFileA
FindNextFileA
FindClose
FlushFileBuffers
SetEndOfFile
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
HeapFree
GetVersionExA
GetCommandLineA
FormatMessageA
LocalFree
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
HeapReAlloc
InitializeCriticalSection
GetSystemDirectoryA
GetSystemDefaultLangID
CloseHandle
SetFilePointer
CreateFileA
GetFileAttributesA
GetPrivateProfileIntA
GetTempFileNameA
GetTempPathA
WriteConsoleW

sensapi

IsNetworkAlive

shell32

ILGetSize
SHBrowseForFolderA
SHGetPathFromIDListA

advapi32

RegQueryValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
InitiateSystemShutdownA
RegOpenKeyExA

ole32

CoTaskMemFree
CoInitialize
StgCreateDocfile
StgOpenStorage
CoUninitialize

comctl32

InitCommonControlsEx

user32

TranslateMessage
IsDialogMessageA
GetMessageA
PostQuitMessage
DestroyWindow
GetWindowLongA
SetWindowLongA
CreateDialogParamA
DispatchMessageA
LoadStringA
ExitWindowsEx
CharNextA
IsWindow
PostMessageA
IsCharAlphaNumericA
MessageBoxA
LoadIconA
GetDlgItem
SendMessageA
SetForegroundWindow
SetWindowTextA
ShowWindow

Sections

.text
Size: 414KB - Virtual size: 414KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 400KB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68de63c1b98457527683107e3304b12d

Headers

File Characteristics

Imports

kernel32

sensapi

shell32

advapi32

ole32

comctl32

user32

Sections

.text Size: 414KB - Virtual size: 414KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 400KB - Virtual size: 3.8MB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 414KB - Virtual size: 414KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 400KB - Virtual size: 3.8MB

.rsrc
Size: 9KB - Virtual size: 9KB