6b36779b6cb8946f9cb04b2f12fef71b7b8df81dbcef5798fcb63d9564400735

Sharing

Copy URL Twitter E-mail

General

Target

6b36779b6cb8946f9cb04b2f12fef71b7b8df81dbcef5798fcb63d9564400735
Size

292KB
MD5

402adca2dbcaa761089f5ffa37ae0b00
SHA1

dda8386ad7df522d24a409e6461b31a4b0ddead4
SHA256

6b36779b6cb8946f9cb04b2f12fef71b7b8df81dbcef5798fcb63d9564400735
SHA512

a0c64ad850cae88e83c65500b7b36467b922d6ee4b8a1b75588c1aaedca20e50dd5a3257b5a55630d6c1b96334ea01bfb864d56f10f2d1fd48f4a2bab2decbb1
SSDEEP

6144:OjAG5oqgrcrCk65jqN5bJI3pHwer8ZmLTBGJZfViajb:OjA8grE65jUJI31AmLThk

Score

N/A

Malware Config

Signatures

Files

6b36779b6cb8946f9cb04b2f12fef71b7b8df81dbcef5798fcb63d9564400735
.exe windows x86

378d69b44f0d5f2ba698fa2fa1e724ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
CreateProcessA
GetPrivateProfileStringA
WaitForSingleObject
CreateThread
GetLongPathNameA
LoadLibraryA
GetProcAddress
GetTickCount
lstrcmpA
Sleep
GetCurrentProcess
HeapFree
HeapAlloc
GetProcessHeap
WideCharToMultiByte
GetLocalTime
WinExec
ExitProcess
FindResourceA
SizeofResource
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
GetOEMCP
GetACP
LoadResource
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
SetFilePointer
ReadFile
GetStringTypeW
GetStringTypeA
CreateFileA
SetStdHandle
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
FlushFileBuffers
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
SetUnhandledExceptionFilter
WriteFile
HeapSize
TerminateProcess
HeapReAlloc
GetVersion
GetCommandLineA
GetStartupInfoA
RaiseException
GetSystemTime
GetTimeZoneInformation
RtlUnwind
LockResource
FreeResource
GetModuleHandleA
GetModuleFileNameA
GlobalFree
GlobalAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
GetEnvironmentVariableA
InterlockedIncrement
InterlockedDecrement
lstrlenA
MultiByteToWideChar
LocalFree
OutputDebugStringA
CreateMutexA
GetLastError
ReleaseMutex
GetCPInfo
CloseHandle
DeleteCriticalSection
GetFileAttributesA

user32

SendMessageA
CallWindowProcW
GetPropA
CallNextHookEx
SetPropA
GetParent
GetClassNameA
RegisterWindowMessageA
SetTimer
KillTimer
UnhookWindowsHookEx
InvalidateRect
DefWindowProcW
GetWindowRect
EnumChildWindows
PostMessageA
GetDoubleClickTime
WindowFromPoint
GetAsyncKeyState
GetCursorPos
SystemParametersInfoA
GetWindowTextA
UnregisterClassA
DefWindowProcA
ReleaseDC
GetDC
CallWindowProcA
TrackMouseEvent
EndPaint
GetDesktopWindow
SetWindowLongW
BeginPaint
MapWindowPoints
GetClientRect
TranslateMessage
SetWindowsHookExA
SetWindowTextA
SetCursor
DestroyWindow
PostQuitMessage
IsZoomed
FillRect
GetWindowLongA
DrawTextA
DrawIconEx
IsWindowEnabled
OffsetRect
DestroyIcon
GetMessageA
ShowWindow
RemovePropA
LoadImageA
LoadCursorA
RegisterClassExA
CreateWindowExA
GetMessageW
DispatchMessageA

gdi32

GetTextExtentPoint32A
CreateFontA
SetTextColor
StretchBlt
BitBlt
CreateSolidBrush
SetBkMode
CreateDIBSection
SelectObject
DeleteDC
DeleteObject
CreateCompatibleDC
GetBitmapBits
GetObjectA

advapi32

RegCreateKeyA
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHChangeNotify

ole32

CoCreateInstance
StgCreateDocfile
OleCreate
OleInitialize
OleUninitialize
CoInitialize
CoUninitialize

oleaut32

SafeArrayDestroy
VariantInit
VariantCopy
SysStringByteLen
SafeArrayCreate
SafeArrayPutElement
VarCmp
SysAllocStringByteLen
VariantChangeType
SysStringLen
SysFreeString
SysAllocString
VariantClear

urlmon

URLDownloadToFileA

wininet

InternetCrackUrlA
InternetCanonicalizeUrlA
DeleteUrlCacheEntry

msimg32

AlphaBlend

comctl32

InitCommonControlsEx

ws2_32

shutdown
send
ioctlsocket
connect
select
__WSAFDIsSet
inet_ntoa
gethostbyname
htons
recv
inet_addr
WSACleanup
setsockopt
WSAGetLastError
closesocket
WSAStartup
socket

shlwapi

UrlUnescapeA
StrStrIA

iphlpapi

GetPerAdapterInfo
GetIpAddrTable
GetAdaptersInfo

Sections

.text
Size: 216KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

378d69b44f0d5f2ba698fa2fa1e724ac

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

urlmon

wininet

msimg32

comctl32

ws2_32

shlwapi

iphlpapi

Sections

.text Size: 216KB - Virtual size: 213KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 28KB - Virtual size: 54KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 216KB - Virtual size: 213KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 28KB - Virtual size: 54KB

.rsrc
Size: 16KB - Virtual size: 15KB