Static task
static1
Behavioral task
behavioral1
Sample
b6be14321b43bc24ef81766b608b9d1282bfd3c47fc1b86391a30da51f2856af.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
b6be14321b43bc24ef81766b608b9d1282bfd3c47fc1b86391a30da51f2856af.exe
Resource
win10v2004-20220812-en
General
Target
b6be14321b43bc24ef81766b608b9d1282bfd3c47fc1b86391a30da51f2856af
Size
140KB
MD5
0fb3ab8caef782dcf338d81e4231da98
SHA1
9aaed18b855351690ae64046928f8b48eeca7e34
SHA256
b6be14321b43bc24ef81766b608b9d1282bfd3c47fc1b86391a30da51f2856af
SHA512
e74c69914d6c006cdf3d259b0afb449426db55182946d91b0c196e0652ce85a5df310e64edccc652197efe20f8d386f9dbf4c50a126e4a9031780c4c60c8da0d
SSDEEP
3072:WNTpQblj1qtH+8T4JYxOaqt91f963/tzAu3IhuGrgl7nkBFjR5PNU:SCce8TKgG910PtzEuGrgl7nkZ5C
Malware Config
Signatures
Files
b6be14321b43bc24ef81766b608b9d1282bfd3c47fc1b86391a30da51f2856af.exe windows x86
02555ac7e2bbc8783b4a8c2da20365e4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
msvcrt
_XcptFilter
_acmdln
exit
_stricmp
strncpy
memset
__getmainargs
__p__fmode
strpbrk
atexit
wcschr
__set_app_type
_controlfp
signal
_wcsicmp
log
_initterm
_adjust_fdiv
__setusermatherr
wcscat
_osver
_except_handler3
__p__commode
kernel32
GetDriveTypeA
GetModuleHandleA
lstrcpyA
GetStartupInfoA
GetStringTypeW
RtlUnwind
GetPrivateProfileStringA
InterlockedDecrement
VirtualProtect
GetDiskFreeSpaceA
WaitForMultipleObjects
user32
IsRectEmpty
CheckMenuItem
SetCursor
WindowFromPoint
ReleaseDC
GetMenu
SetFocus
GetClassNameA
DrawFrameControl
GetSystemMenu
SystemParametersInfoA
GetPropA
ClientToScreen
GetParent
shell32
SHGetPathFromIDListA
ShellExecuteEx
SHGetPathFromIDList
DragAcceptFiles
SHGetSettings
ExtractIconA
SHBrowseForFolderA
ExtractIconW
FindExecutableW
CommandLineToArgvW
SHGetSpecialFolderLocation
ExtractAssociatedIconW
advapi32
RegDeleteKeyA
OpenThreadToken
RegEnumKeyExA
LookupPrivilegeValueA
DeleteService
SetSecurityDescriptorOwner
RegDeleteKeyW
CryptGenRandom
CloseServiceHandle
SetSecurityDescriptorGroup
OpenServiceW
RegEnumKeyExW
LookupPrivilegeValueW
InitializeSecurityDescriptor
oleaut32
SafeArrayRedim
GetErrorInfo
SetErrorInfo
LoadTypeLib
CreateErrorInfo
SysStringByteLen
SafeArrayPtrOfIndex
comctl32
ImageList_DrawEx
ImageList_GetIconSize
ImageList_DragEnter
CreatePropertySheetPageA
InitCommonControls
ImageList_Remove
ImageList_AddMasked
ImageList_Replace
gdi32
GetEnhMetaFileDescriptionA
EndPath
SetTextColor
EnumEnhMetaFile
PlayMetaFileRecord
PtVisible
ExtCreatePen
GetBitmapBits
MaskBlt
GetNearestColor
GetTextCharsetInfo
DPtoLP
PatBlt
version
VerFindFileW
VerLanguageNameA
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
ole32
IsEqualGUID
CoCreateInstance
CoTaskMemFree
CreateItemMoniker
CoUninitialize
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 17KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 104KB - Virtual size: 184KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE