6eadc99f2514f8be5b3778c4b4220b475ee2820d27e5ab652bf247bd7459b7db

Sharing

Copy URL

Twitter E-mail

General

Target

6eadc99f2514f8be5b3778c4b4220b475ee2820d27e5ab652bf247bd7459b7db
Size

286KB
MD5

404395b05190de06b1230a3d7ff93710
SHA1

43c6121b0d4eee1b8db85b4d2da462519c41b499
SHA256

6eadc99f2514f8be5b3778c4b4220b475ee2820d27e5ab652bf247bd7459b7db
SHA512

e15de16ece16c0c39fb6678e1824c8fe9742711195e1f8b6cdce9d0ed0f85cf6c3fed81116f78d1c8d298dc6aae6556f7597c15924bd21a95dcf0cfd7aa72e9a
SSDEEP

6144:YasX3XDQ+Gy3VnxAiF/UE0leQxgOEnk0Uv1:YamDuCVxeE07ek0o1

Score

N/A

Malware Config

Signatures

Files

6eadc99f2514f8be5b3778c4b4220b475ee2820d27e5ab652bf247bd7459b7db
.exe windows x86

76a564fd6585fa70b5da8156fab9d273

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
HeapFree
GetSystemTimeAsFileTime
QueryPerformanceCounter
VirtualProtect
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetProcessHeap
TerminateProcess
GetStartupInfoW
GetModuleHandleA
lstrcmpiW
lstrcmpiA
FindResourceExW
FindResourceW
LoadResource
LockResource
GetModuleFileNameW
GetVersionExW
TlsFree
TlsGetValue
TlsAlloc
DeleteCriticalSection
InitializeCriticalSection
FreeLibrary
GetModuleHandleW
GetLastError
GetTickCount
CompareStringW
GetCurrentThreadId
GetSystemDefaultLangID
InterlockedIncrement
GetEnvironmentVariableW
SetErrorMode
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
lstrlenW
GetCurrentProcessId
WideCharToMultiByte
lstrcmpW
LoadLibraryW
GetProcAddress
InterlockedDecrement
GetCurrentProcess

user32

ClientToScreen
SetWindowPos
ReleaseCapture
GetCapture
SetCapture
SetCursor
LoadCursorW
UpdateWindow
InvalidateRect
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
AttachThreadInput
SetForegroundWindow
ReleaseDC
GetDC
SendMessageW
GetSysColor
DrawIconEx
LoadImageW
DrawFrameControl
GetDoubleClickTime
DrawCaption
SystemParametersInfoW
GetSysColorBrush
RegisterClassExW
DrawEdge
GetParent
DestroyMenu
TrackPopupMenuEx
InsertMenuItemW
CreatePopupMenu
EndPaint
BeginPaint
CopyRect
GetClientRect
GetDlgCtrlID
IsWindowVisible
GetWindowPlacement
SetWindowTextA
SetWindowTextW
ShowWindow
GetAsyncKeyState
keybd_event
MapVirtualKeyW
EndDialog
GetWindowTextW
GetWindowTextLengthW
SetFocus
ChildWindowFromPointEx
UnhookWindowsHookEx
SendMessageA
CallWindowProcW
DefWindowProcA
DefWindowProcW
SetWindowLongA
SetWindowLongW
GetWindowLongA
GetWindowLongW
CreateDialogParamA
CreateDialogParamW
DialogBoxIndirectParamA
DialogBoxIndirectParamW
CreateDialogIndirectParamA
CreateDialogIndirectParamW
RegisterClassExA
CreateWindowExA
GetSystemMetrics
CharPrevW
LoadStringW
LoadStringA
LoadMenuIndirectW
MessageBoxW
GetClassInfoExW
GetWindow
OffsetRect
SetRectEmpty
GetMenuItemCount
DrawStateW
LoadBitmapW
RemovePropW
DrawTextExW
GetPropW
SetMenuItemInfoW
GetMenuStringW
SetPropW
GetSubMenu
MapWindowPoints
FillRect
EnableWindow
GetDesktopWindow
GetCursorPos
ScreenToClient
PtInRect
DispatchMessageW
TranslateMessage
GetMessageW
SetTimer
KillTimer
DestroyWindow
IsWindow
GetClassNameW
PostMessageA
PostMessageW
IsWindowUnicode
GetFocus
CreateWindowExW
AdjustWindowRectEx
DestroyIcon
GetDlgItem
IsWindowEnabled
GetClassLongW
WinHelpW
PostQuitMessage
GetActiveWindow
GetForegroundWindow
GetWindowThreadProcessId
GetWindowRect

ole32

CoDisconnectObject
CoCreateInstance
CLSIDFromString
StringFromGUID2
IIDFromString
StringFromCLSID
CoTaskMemFree
CoInitialize
CoUninitialize
CoTaskMemAlloc

msvcrt

memmove
wcstok
_wcsicmp
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z
??1exception@@UAE@XZ
??0exception@@QAE@XZ
_controlfp
??1type_info@@UAE@XZ
_onexit
__dllonexit
?terminate@@YAXXZ
swprintf
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_amsg_exit
_wcmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
wcstol
wcslen
_vsnwprintf
signal
malloc
free
??0exception@@QAE@ABV0@@Z
_CxxThrowException

oleaut32

LoadRegTypeLi
SysAllocString
LoadTypeLi

gdi32

CreateCompatibleDC
Polyline
SetBkColor
BitBlt
SetTextColor
SetBkMode
CreatePen
SelectObject
DeleteObject
CreateDCW
SetROP2
Rectangle
LineTo
MoveToEx
ExtTextOutW
GetTextExtentPoint32W
GetObjectW
GetStockObject
TranslateCharsetInfo
CreateFontIndirectW
ExtTextOutA
GetTextExtentPoint32A
GetTextMetricsW
GetTextExtentPointW
CreateCompatibleBitmap
DeleteDC
EnumFontFamiliesExW

advapi32

RegDeleteKeyW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
DeregisterEventSource
ReportEventW
RegisterEventSourceW

sfc

SfcIsFileProtected

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 156KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

76a564fd6585fa70b5da8156fab9d273

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

msvcrt

oleaut32

gdi32

advapi32

sfc

Sections

.text Size: 117KB - Virtual size: 117KB

.data Size: 2KB - Virtual size: 16KB

.cdata Size: 512B - Virtual size: 4B

.rsrc Size: 156KB - Virtual size: 160KB

.text
Size: 117KB - Virtual size: 117KB

.data
Size: 2KB - Virtual size: 16KB

.cdata
Size: 512B - Virtual size: 4B

.rsrc
Size: 156KB - Virtual size: 160KB