6ab6f3a0106256ee2c9c56ef3befa73e6d9eca2c2d9bcc3a204cc00175d8832c

Sharing

Copy URL Twitter E-mail

General

Target

6ab6f3a0106256ee2c9c56ef3befa73e6d9eca2c2d9bcc3a204cc00175d8832c
Size

342KB
MD5

36d8bc8dc13404c9e2b94d6fe72c4780
SHA1

7b51da467e30a2c818fcdfca9ec7f13d37a8a5ad
SHA256

6ab6f3a0106256ee2c9c56ef3befa73e6d9eca2c2d9bcc3a204cc00175d8832c
SHA512

010e36bf57444fc36b87f6bd964832520a3b42e89ef916ce487ac87d9dd1faebb789a4e7e06d38cb51d1f853fc30a439b0e8f8d314d762cc415947f4c013208c
SSDEEP

6144:09shsLknYaix/uRAMsi32Lj2+9x3PfcKrKyweW4rhBBSAq5vva:0gs4nYJuRbsi3YZdGytrcU

Score

N/A

Malware Config

Signatures

Files

6ab6f3a0106256ee2c9c56ef3befa73e6d9eca2c2d9bcc3a204cc00175d8832c
.exe windows x86

f575917eb9deb2e57931bbe5743a21d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetFileAttributesW
GetTempPathW
OpenProcess
SetDllDirectoryW
GetModuleFileNameW
SetLastError
WriteFile
GetDriveTypeW
GetPrivateProfileStringW
GetTimeZoneInformation
WriteConsoleW
FindFirstFileW
GetProcessHeap
FlushFileBuffers
LCMapStringW
SetEnvironmentVariableA
HeapSize
GetFullPathNameW
SetStdHandle
RtlUnwind
GetConsoleMode
GetConsoleCP
IsProcessorFeaturePresent
GetStringTypeW
FindClose
FindNextFileW
GetLongPathNameW
Sleep
CreateFileW
SetFilePointer
SetEndOfFile
WideCharToMultiByte
GetTempFileNameW
MoveFileExW
CopyFileW
GetSystemDirectoryW
LoadLibraryW
GetProcAddress
GetCurrentProcess
CreateProcessW
GetLastError
FormatMessageW
LocalFree
WaitForSingleObject
CloseHandle
GetModuleHandleW
FindResourceW
FreeLibrary
LoadResource
SizeofResource
LockResource
TerminateProcess
CompareStringW
IsDebuggerPresent
UnhandledExceptionFilter
IsValidCodePage
GetOEMCP
GetACP
LocalAlloc
InterlockedExchange
LoadLibraryA
RaiseException
GetCommandLineW
HeapSetInformation
HeapFree
HeapAlloc
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetFileType
SetFileAttributesW
FindFirstFileExW
DecodePointer
EncodePointer
DeleteFileW
ExitThread
GetCurrentThreadId
CreateThread
RemoveDirectoryW
CreateDirectoryW
MoveFileW
SetEnvironmentVariableW
GetCurrentDirectoryW
SetCurrentDirectoryW
EnterCriticalSection
LeaveCriticalSection
HeapReAlloc
ReadFile
ExitProcess
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo

user32

wsprintfW
DialogBoxParamW
EndDialog
SetWindowTextW
LoadIconW
GetWindowLongW
SetWindowLongW
DrawTextW
GetClientRect
GetParent
ScreenToClient
ReleaseDC
SetTimer
GetDesktopWindow
GetWindowRect
CopyRect
OffsetRect
SetWindowPos
GetDlgItem
SendMessageW
GetDC

gdi32

SelectObject

advapi32

AdjustTokenPrivileges
CryptDestroyKey
CryptVerifySignatureA
StartServiceW
RegQueryValueExW
OpenSCManagerA
OpenServiceW
CloseServiceHandle
QueryServiceStatusEx
OpenProcessToken
LookupPrivilegeValueA
CreateProcessAsUserW
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
RegCreateKeyExW
RegCloseKey
RegSetValueExW
RegOpenKeyExW

comctl32

InitCommonControlsEx

shell32

ShellExecuteExW

shlwapi

PathAppendW
PathCommonPrefixW
PathStripToRootW
PathRemoveFileSpecW

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 81KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f575917eb9deb2e57931bbe5743a21d7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

shell32

shlwapi

Sections

.text Size: 119KB - Virtual size: 118KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 8KB - Virtual size: 19KB

.rsrc Size: 96KB - Virtual size: 96KB

.reloc Size: 81KB - Virtual size: 84KB

.text
Size: 119KB - Virtual size: 118KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 8KB - Virtual size: 19KB

.rsrc
Size: 96KB - Virtual size: 96KB

.reloc
Size: 81KB - Virtual size: 84KB