c6560b509fa397ba74bb34f766cfab7695104ccc7326a5321c0f0ad9642095fd

Sharing

Copy URL Twitter E-mail

General

Target

c6560b509fa397ba74bb34f766cfab7695104ccc7326a5321c0f0ad9642095fd
Size

247KB
MD5

073288fb6f6b55a4c7d175d24a0281e0
SHA1

fc5047e7021e7b4a8897c09b97b657c40794cb30
SHA256

c6560b509fa397ba74bb34f766cfab7695104ccc7326a5321c0f0ad9642095fd
SHA512

928cf9089c3ad6b14ae40ec17ed44582c2cd51b6e42f6c6e71dab33b845506e2fc23a9ed8a0995b21054a6860e1a0ef66aec99a4134f2c18a47c456bed265684
SSDEEP

6144:XbhAiw3mulh7/nzLA7P8NM/EW0MHuz/4/xTRo:dA73DRzLA78C/E013o

Score

N/A

Malware Config

Signatures

Files

c6560b509fa397ba74bb34f766cfab7695104ccc7326a5321c0f0ad9642095fd
.exe windows x86

0b9157412606d0fbb6593be84fa0f4bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

srand
malloc
free
localtime
mktime
time
_onexit
__dllonexit
_initterm
?terminate@@YAXXZ
_purecall
strstr
sprintf
memmove
__CxxFrameHandler
rand
strtoul
isdigit
strncmp
strtol
wcsstr
wcslen
__RTDynamicCast

advapi32

RegCloseKey
GetUserNameA
RegOpenKeyExA
RegQueryValueExA

kernel32

InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
IsBadWritePtr
InterlockedDecrement
EnterCriticalSection
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
SetLastError
LeaveCriticalSection
GetLastError
lstrlenA
lstrcpyA
GetProcessHeap
GetCalendarInfoW
SizeofResource
WaitForMultipleObjects
GetDefaultCommConfigW
GetComputerNameW
CreateJobSet
SetConsoleOutputCP
HeapDestroy
GetConsoleInputExeNameA
WriteConsoleOutputAttribute
VerifyVersionInfoW
GetLongPathNameA
WriteTapemark
GetConsoleAliasExesW
InterlockedPushEntrySList
DeleteVolumeMountPointW
LocalCompact
VerSetConditionMask
GetVolumeInformationW
GetThreadContext
BaseInitAppcompatCacheSupport
EndUpdateResourceA
SetLocalPrimaryComputerNameW
DebugSetProcessKillOnExit
UpdateResourceW
LocalAlloc
CreateTimerQueue
WriteProfileSectionW
GetVolumeNameForVolumeMountPointA
QueueUserAPC
GetComputerNameExA
GetStringTypeExW
VirtualProtect
GetNamedPipeHandleStateA
InitAtomTable
QueryDepthSList
WriteProfileSectionA
WaitForSingleObject
GetCommandLineA
CreateWaitableTimerW
SetConsoleNlsMode
FillConsoleOutputAttribute
GetEnvironmentStringsA
VirtualLock
SetThreadPriorityBoost
SetFirmwareEnvironmentVariableW
Toolhelp32ReadProcessMemory
SetFileTime
SetComputerNameA
GlobalDeleteAtom
GetDriveTypeA
GetGeoInfoA
GetConsoleProcessList
CompareStringW
WriteConsoleInputA
BaseFlushAppcompatCache
GetStringTypeExA
EnumSystemCodePagesA
FindFirstVolumeA
LoadLibraryW
GetVersionExA
MoveFileWithProgressA
Process32NextW
GetVolumePathNamesForVolumeNameA
SetFileApisToOEM
GetProfileStringW
GlobalMemoryStatus
GlobalFindAtomW
SetConsoleOS2OemFormat
CopyFileExW
FatalAppExitA
ProcessIdToSessionId
RtlMoveMemory
GetTapeStatus
GetPrivateProfileSectionNamesW
BindIoCompletionCallback
CreateFileMappingA
GetProcessShutdownParameters
GetModuleHandleA
PurgeComm
GetFileAttributesExW
VerLanguageNameW
EnumDateFormatsW
DebugActiveProcess
SetCommBreak
GlobalGetAtomNameW
SetProcessPriorityBoost
SearchPathA
LoadLibraryExA
GetProcAddress
SetCurrentDirectoryA
GetModuleFileNameA
GetLocalTime

ole32

CoCreateFreeThreadedMarshaler

user32

GetShellWindow
MsgWaitForMultipleObjectsEx
CharNextA
UnpackDDElParam
ToUnicode
DefWindowProcA
IMPSetIMEW
RegisterLogonProcess
SetScrollPos
DialogBoxIndirectParamW
SendDlgItemMessageW
GetDialogBaseUnits
DdeSetUserHandle
GetOpenClipboardWindow
SetTaskmanWindow
SetWindowTextA
CreateDialogParamA
EmptyClipboard
GetClassNameW
IsWindowVisible
GetTabbedTextExtentW
GetWindowTextLengthW
DdeGetLastError
DlgDirSelectComboBoxExA
SetUserObjectInformationW
DefRawInputProc
DdeConnect
GetListBoxInfo
ChildWindowFromPointEx
LoadKeyboardLayoutW
PtInRect
EnterReaderModeHelper
RealChildWindowFromPoint
MapVirtualKeyExA
LookupIconIdFromDirectoryEx
GetRawInputDeviceList
CreateDialogParamW
InSendMessageEx
DrawFrameControl
DrawTextExA
CreateAcceleratorTableW
ModifyMenuW
ShowStartGlass
CloseDesktop
DrawIconEx
SetInternalWindowPos
CreateWindowExW
CharUpperW
DdeCmpStringHandles
DrawCaption
IsCharAlphaNumericA
SetShellWindowEx
SetWindowPlacement
GetLastActivePopup
SetWindowContextHelpId
SendMessageA
KillTimer
PostQuitMessage
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
SetCursor

gdi32

SetEnhMetaFileBits
CreateFontIndirectExA
SetMapMode
GetClipRgn
QueryFontAssocStatus
GetNearestColor
PolyBezierTo
ClearBrushAttributes
CreateScalableFontResourceW
GdiConvertFont
CreateMetaFileW
StartDocW
GdiSetLastError
GdiDllInitialize
ResetDCW
GdiAlphaBlend
GdiEntry15
DdEntry31
GetTextFaceA
CloseEnhMetaFile
DdEntry19
GetTextCharset
SelectFontLocal
SaveDC
DdEntry15
GdiConvertBitmap
BitBlt
CreatePenIndirect
SetDIBitsToDevice
GdiConvertPalette
PATHOBJ_bEnumClipLines
GetRasterizerCaps
EngAlphaBlend
AngleArc
SelectPalette
CreateEnhMetaFileA
DeleteColorSpace
DdEntry34
GetCurrentPositionEx
ClearBitmapAttributes
DdEntry41
GdiQueryFonts
GetNearestPaletteIndex

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 3KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 3KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 195KB - Virtual size: 369KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 4KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b9157412606d0fbb6593be84fa0f4bf

Headers

File Characteristics

Imports

msvcrt

advapi32

kernel32

ole32

user32

gdi32

Sections

.text Size: 17KB - Virtual size: 17KB

.pdata Size: 3KB - Virtual size: 52KB

CODE Size: 3KB - Virtual size: 94KB

DATA Size: 195KB - Virtual size: 369KB

.rdata Size: 7KB - Virtual size: 7KB

.pdata Size: 4KB - Virtual size: 88KB

.rsrc Size: 11KB - Virtual size: 10KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 17KB - Virtual size: 17KB

.pdata
Size: 3KB - Virtual size: 52KB

CODE
Size: 3KB - Virtual size: 94KB

DATA
Size: 195KB - Virtual size: 369KB

.rdata
Size: 7KB - Virtual size: 7KB

.pdata
Size: 4KB - Virtual size: 88KB

.rsrc
Size: 11KB - Virtual size: 10KB

.reloc
Size: 1KB - Virtual size: 1KB