6a1991f97547235b6db9c523f2fa2d6302458bb87ca234c572dc8bcc8809ee28

Sharing

Copy URL Twitter E-mail

General

Target

6a1991f97547235b6db9c523f2fa2d6302458bb87ca234c572dc8bcc8809ee28
Size

184KB
MD5

2309902de06ec4c20ade053bbc2a3120
SHA1

beeb04f5122d781611606f01b56ee31ac32a6a08
SHA256

6a1991f97547235b6db9c523f2fa2d6302458bb87ca234c572dc8bcc8809ee28
SHA512

8a7a143d6a527a7bb0173995c661c22d4af0657d56f44eb44c90bdcae15cafda4510a045c42757902bc91c7f352c1475216b6069058626d31777cc7eb9f9ceab
SSDEEP

3072:vYEZfrs/ORYtUbtKV+ouqdQmrJd/wqEVvMtF/oZrIcCBwr84T:vZsWvba/jEKF/OrGA84

Score

N/A

Malware Config

Signatures

Files

6a1991f97547235b6db9c523f2fa2d6302458bb87ca234c572dc8bcc8809ee28
.exe windows x86

17ad067a6ea71d78ad5e25603c121f56

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpandEnvironmentStringsW
LoadLibraryA
GetProcAddress
FreeLibrary
GetFileAttributesW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapAlloc
GetProcessHeap
HeapFree
MultiByteToWideChar
GetFileSizeEx
GlobalAlloc
ReadFile
FileTimeToSystemTime
CreateFileW
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
CloseHandle
CreateProcessW
GetModuleHandleW
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
HeapDestroy
HeapReAlloc
HeapSize
RaiseException
GetVersionExA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
Sleep
ExitProcess
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringA
WideCharToMultiByte
LCMapStringW
HeapCreate
VirtualFree
VirtualAlloc
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW

user32

GetSystemMetrics
UnregisterClassA

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegOpenKeyW

shell32

SHGetPathFromIDListW

ole32

CreateStreamOnHGlobal

shlwapi

PathFileExistsW
PathAddBackslashW
PathRemoveFileSpecW

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

17ad067a6ea71d78ad5e25603c121f56

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 68KB - Virtual size: 65KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 80KB - Virtual size: 80KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 80KB - Virtual size: 80KB