b6491bc2dfed13fd7418570768f099396f5927d804f9ada7202a2a5277249a65

Sharing

Copy URL Twitter E-mail

General

Target

b6491bc2dfed13fd7418570768f099396f5927d804f9ada7202a2a5277249a65
Size

337KB
MD5

0f1dd7a92281adc39c6a890d395804a1
SHA1

f7e4357aff817bc02b33f985c37c2a7cc910b506
SHA256

b6491bc2dfed13fd7418570768f099396f5927d804f9ada7202a2a5277249a65
SHA512

f3281296aa75425da3b4419724d17c710dcefa9c9022bfc9ee43f3ca573212ada29516f13e4c2686aee40133f8cc807f9a4825d5400d06b802b49ba1a10e4576
SSDEEP

6144:SIRoAVeFuI6fZq5iCQ+ruAoutqs7vkdvJV0:SIRoEeoxZAiCQ+5LxvwU

Score

N/A

Malware Config

Signatures

Files

b6491bc2dfed13fd7418570768f099396f5927d804f9ada7202a2a5277249a65
.exe windows x86

deaccae7fb3e98459ef00abda61bfe90

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shfolder

SHGetFolderPathA

kernel32

MultiByteToWideChar
lstrlenA
GetModuleFileNameA
EnterCriticalSection
lstrlenW
WideCharToMultiByte
CompareStringA
CompareStringW
LocalAlloc
FormatMessageA
CreateDirectoryA
GetFileAttributesA
CloseHandle
OpenProcess
GetLastError
DeleteFileA
LocalFree
LeaveCriticalSection
SetEvent
CancelWaitableTimer
WaitForMultipleObjects
SetWaitableTimer
CreateWaitableTimerA
CreateThread
CreateEventA
lstrcpyA
lstrcatA
Sleep
GetCurrentThreadId
GetCommandLineA
SetStdHandle
LCMapStringW
LCMapStringA
LoadLibraryA
SetFilePointer
GetStringTypeW
GetStringTypeA
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
FlushFileBuffers
WaitForSingleObject
SetEnvironmentVariableA
GetCPInfo
GetOEMCP
IsBadCodePtr
IsBadReadPtr
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
WriteFile
VirtualQuery
GetSystemInfo
VirtualProtect
GetTimeZoneInformation
HeapSize
GetCurrentProcess
TerminateProcess
GetProcAddress
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
TlsAlloc
TlsGetValue
TlsSetValue
SetLastError
TlsFree
SetUnhandledExceptionFilter
ExitProcess
GetStartupInfoA
GetModuleHandleA
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetACP
GetLocaleInfoA
GetVersionExA
RaiseException
RtlUnwind
HeapAlloc
HeapFree
HeapReAlloc
GetTimeFormatA
GetDateFormatA
GetStdHandle

user32

CharUpperA
wsprintfA
SetTimer
CharUpperBuffA
TranslateMessage
DispatchMessageA
GetMessageA
CharNextA
PostThreadMessageA

advapi32

RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegQueryInfoKeyA

ole32

CLSIDFromString
CoUninitialize
CoInitializeEx
CoDisconnectObject
CoRevokeClassObject
CoRegisterClassObject
StringFromGUID2
CoInitialize
CoCreateInstance

oleaut32

RegisterTypeLi
UnRegisterTypeLi
VariantChangeType
VarBstrCat
SysAllocStringLen
SafeArrayCreate
SafeArrayRedim
SafeArrayDestroy
SafeArrayLock
SafeArrayUnlock
SafeArrayGetLBound
SafeArrayGetUBound
VariantCopy
VariantClear
SafeArrayCopy
SafeArrayGetVartype
VariantInit
VarBstrCmp
SysStringLen
LoadTypeLi
LoadRegTypeLi
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SysAllocString

shlwapi

PathFindExtensionA

Sections

.text
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

vgfwt
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 140KB - Virtual size: 140KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

deaccae7fb3e98459ef00abda61bfe90

Headers

File Characteristics

Imports

shfolder

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

Sections

.text Size: 132KB - Virtual size: 130KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 20KB - Virtual size: 19KB

vgfwt Size: 8KB - Virtual size: 4KB

Size: 140KB - Virtual size: 140KB

.text
Size: 132KB - Virtual size: 130KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 20KB - Virtual size: 19KB

vgfwt
Size: 8KB - Virtual size: 4KB