6804d62068191b4acd1ad8dfe5e6a2910e1768b4d9a3097d4f75dc761eee2e27

Sharing

Copy URL Twitter E-mail

General

Target

6804d62068191b4acd1ad8dfe5e6a2910e1768b4d9a3097d4f75dc761eee2e27
Size

184KB
MD5

0d66678570a53eedcfaae119b7cf12ae
SHA1

59c6dee8bac11a72727f01f062c1b387a7485f7f
SHA256

6804d62068191b4acd1ad8dfe5e6a2910e1768b4d9a3097d4f75dc761eee2e27
SHA512

de93ff92faa73600a1d088910bdabd033d1b37191768ff8233759a24003b6aa92a34fdfaebfea28fef22413a25de5ecd72e00ee7d7b34680a8a4525f9fdd2753
SSDEEP

3072:dDw+WMoM1w0IuyWrK94Arm3PfessV6atk8zVpk9mwBB0cCZXE/JwmmJiD:des1wCyWMPaHeV6aC8L+mw5CKJwVi

Score

N/A

Malware Config

Signatures

Files

6804d62068191b4acd1ad8dfe5e6a2910e1768b4d9a3097d4f75dc761eee2e27
.exe windows x86

1920e823c0179a9230bef40012643dc5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
LocalAlloc
LCMapStringW
HeapCreate
FormatMessageW
GetConsoleMode
GetFileType
CreateThread
LoadResource
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
IsBadWritePtr
HeapAlloc
FatalAppExitA
LeaveCriticalSection
EnterCriticalSection
SetHandleCount
WriteFile
RtlUnwind
HeapFree
VirtualFree
GetCurrentThread
GetLastError
SetLastError
DeleteCriticalSection
GetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
TerminateProcess
GetStringTypeA
ExitProcess
GetVersion
GetModuleHandleA
GetCurrentProcessId
TlsGetValue
SizeofResource
SetUnhandledExceptionFilter
GetFileSize
FlushFileBuffers
GetTickCount
SetEndOfFile
GetCommandLineW
lstrlenW
GetSystemTimeAsFileTime
CreateEventA
lstrlenA
CreateFileW
GetFileAttributesW
GetCurrentProcess
HeapSize
CreateEventW
TlsFree
GlobalAlloc
GetProcessHeap
SetErrorMode
HeapDestroy
LoadLibraryW
TlsAlloc
LoadLibraryExW
GetStringTypeW
SetEvent
TlsSetValue
HeapReAlloc
FindFirstFileW
GetSystemInfo
GetFileAttributesA
GetACP
GetCPInfo
RegisterWaitForSingleObject
GlobalFree
FreeEnvironmentStringsW
SetStdHandle
GetCurrentThreadId
GetOEMCP
GetCommandLineA
Sleep
InitializeCriticalSection
VirtualAlloc

ole32

GetRunningObjectTable
CoLockObjectExternal
CoUninitialize
CoRevokeClassObject
RegisterDragDrop
CoDisconnectObject
RevokeDragDrop
ReleaseStgMedium
CLSIDFromProgID
CoInitialize
StringFromCLSID
CoQueryProxyBlanket
CoFreeUnusedLibraries
CLSIDFromString
CoRegisterMessageFilter
CreateBindCtx
StgCreateDocfileOnILockBytes
CoCreateGuid
CoInitializeSecurity
CoTaskMemFree
CreateILockBytesOnHGlobal
CoCreateInstance
CoTaskMemAlloc
CreateStreamOnHGlobal
CoGetClassObject
OleRun
OleInitialize
OleIsRunning
OleRegGetUserType
OleUninitialize
OleFlushClipboard

advapi32

OpenProcessToken
RegQueryInfoKeyW
EqualSid
RegQueryValueExW
RegQueryValueExA
RevertToSelf
InitializeSecurityDescriptor
RegCreateKeyExA
CryptReleaseContext
RegDeleteValueW
AdjustTokenPrivileges
AddAccessAllowedAceEx
GetLengthSid
CryptCreateHash
CryptGenRandom
RegDeleteKeyW
OpenServiceW
AllocateAndInitializeSid
RegDeleteKeyA
CryptHashData
DeregisterEventSource
CryptAcquireContextA
RegEnumKeyExW
RegCloseKey
OpenThreadToken
LookupPrivilegeValueA
GetTokenInformation
RegCreateKeyExW
RegSetValueExA
CryptAcquireContextW
RegEnumValueW
RegSetValueExW
RegEnumValueA
RegEnumKeyExA
AddAccessAllowedAce
SetSecurityDescriptorDacl
RegDeleteValueA
QueryServiceStatus
CloseServiceHandle
InitializeAcl
FreeSid
RegOpenKeyExA
CryptDestroyHash
RegOpenKeyExW

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1920e823c0179a9230bef40012643dc5

Headers

File Characteristics

Imports

kernel32

ole32

advapi32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 128KB - Virtual size: 224KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 128KB - Virtual size: 224KB

.rsrc
Size: 16KB - Virtual size: 15KB