e6946ae26f12cb3f9f9c997bc9f59df41e232f0f2a9ec7eb3387da726615cc61

Sharing

Copy URL

Twitter E-mail

General

Target

e6946ae26f12cb3f9f9c997bc9f59df41e232f0f2a9ec7eb3387da726615cc61
Size

196KB
MD5

0251f12df6a0e06f72d7b375ff5f71de
SHA1

37cab486c5752cfb528d05822deb389e64b838bc
SHA256

e6946ae26f12cb3f9f9c997bc9f59df41e232f0f2a9ec7eb3387da726615cc61
SHA512

344419d935de55b030aec64d776f79df0573c2a4834bb108207f129a81bc0cd42593721d5bd0a8abff3e7661cc933908ce9e5f4b4a16d3b53171e24d0d8bfcb0
SSDEEP

3072:ThQPriNUz/yL3YqjwzOAqE8fYYFBIUdoHxRGI2:GriNUDyk7R8fhAUWW

Score

N/A

Malware Config

Signatures

Files

e6946ae26f12cb3f9f9c997bc9f59df41e232f0f2a9ec7eb3387da726615cc61
.exe windows x86

95fa670205cbc9131ca74a57dcb6e472

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CreateClassMoniker
CoInitializeEx
GetRunningObjectTable
CoRevokeClassObject
CoRegisterClassObject
CoUninitialize

version

GetFileVersionInfoA
VerQueryValueA

kernel32

LocalAlloc
FreeLibrary
GetProcAddress
LoadLibraryA
CreateThread
SetEvent
LocalLock
OpenEventA
TerminateThread
WaitForSingleObject
SuspendThread
ResumeThread
FormatMessageA
ResetEvent
WaitForMultipleObjects
LocalFree
LocalUnlock
FindFirstChangeNotificationA
FindCloseChangeNotification
GetExitCodeThread
ReleaseMutex
CreateMutexA
GetDriveTypeA
WideCharToMultiByte
lstrlenW
FileTimeToSystemTime
FileTimeToLocalFileTime
SystemTimeToFileTime
GetSystemInfo
GetVersion
GetVersionExA
FindNextChangeNotification
InterlockedIncrement
CloseHandle
FindClose
GetDiskFreeSpaceA
GetWindowsDirectoryA
FindFirstFileA
FindNextFileA
RemoveDirectoryA
DeleteFileA
GetFileSize
CreateFileA
GetFileAttributesA
CreateDirectoryA
GetTempPathA
MoveFileA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetTempFileNameA
SetUnhandledExceptionFilter
SetCurrentDirectoryA
GetCurrentDirectoryA
SetProcessWorkingSetSize
GetCurrentProcess
SetFilePointer
GetCurrentProcessId
WriteFile
GetThreadContext
VirtualQuery
IsBadWritePtr
OpenProcess
GlobalMemoryStatus
Sleep
GetCurrentThreadId
GetLastError
FlushFileBuffers
InterlockedDecrement
CreateEventA
CreateProcessA
SetErrorMode
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFullPathNameA
SetEnvironmentVariableW
GetModuleFileNameA
GetACP
GetCPInfo
SetStdHandle
LCMapStringW
LCMapStringA
ReadFile
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
RtlUnwind
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
SetFileAttributesA
HeapSize
GetOEMCP
GetFileInformationByHandle
PeekNamedPipe
GetFileType
SetEndOfFile
TerminateProcess
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
InitializeCriticalSection
DeleteCriticalSection

user32

PostMessageA
DestroyWindow
IsWindow
FindWindowA
DefWindowProcA
CreateWindowExA
GetSystemMetrics
RegisterClassA
GetClassInfoA
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
PostQuitMessage
PostThreadMessageA
CharNextA
CharPrevA
ReleaseDC
GetDC
SendMessageA
SetTimer

advapi32

RegCloseKey
RegOpenKeyA
RegNotifyChangeKeyValue
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueA
RegSetValueA
FreeSid
RegEnumKeyA
RegCreateKeyA

gdi32

GetDeviceCaps

Sections

.text
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.drdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

95fa670205cbc9131ca74a57dcb6e472

Headers

File Characteristics

Imports

ole32

version

kernel32

user32

advapi32

gdi32

Sections

.text Size: 132KB - Virtual size: 129KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 24KB - Virtual size: 32KB

.rsrc Size: 4KB - Virtual size: 1KB

.drdata Size: 20KB - Virtual size: 20KB

.text
Size: 132KB - Virtual size: 129KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 24KB - Virtual size: 32KB

.rsrc
Size: 4KB - Virtual size: 1KB

.drdata
Size: 20KB - Virtual size: 20KB