e6dd6b63540b06f4734597c8a3435601f8f36ceb0e0a9d43cd3efaa63d0ae52a

Sharing

Copy URL Twitter E-mail

General

Target

e6dd6b63540b06f4734597c8a3435601f8f36ceb0e0a9d43cd3efaa63d0ae52a
Size

214KB
MD5

44fcc118d3f47069dfb81e7716632200
SHA1

bfa5e1dc862eba802ab6b75ef356d2e47730fa4a
SHA256

e6dd6b63540b06f4734597c8a3435601f8f36ceb0e0a9d43cd3efaa63d0ae52a
SHA512

a76a5befd3b41f55367078391e14008eb3c0f8182bef6f3645a4628828a73946249a2562ff265c98ce562d803ed00ee0492093f31748ec12410b3c309b39504c
SSDEEP

6144:Z5lSB3XmK05RGv/hO3LTGR9xlhl8AjxMG+nC84xHRjzlH:c8ivZeLT8xh8AjGG+nC8qH

Score

N/A

Malware Config

Signatures

Files

e6dd6b63540b06f4734597c8a3435601f8f36ceb0e0a9d43cd3efaa63d0ae52a
.exe windows x86

c21083d5fda457b5b825077b25892edf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCurrentDirectoryA
FindFirstFileA
SetEnvironmentVariableA
IsBadReadPtr
SetFileAttributesA
LoadLibraryW
HeapCreate
FileTimeToLocalFileTime
VirtualQuery
CompareStringW
GetStdHandle
GetUserDefaultLangID
GetLocaleInfoW
FlushFileBuffers
GetFileTime
WriteFile
LeaveCriticalSection
LCMapStringW
VirtualFree
SetErrorMode
GlobalLock
lstrcmpiA
RaiseException
HeapDestroy
GetCurrentProcess
GetTimeZoneInformation
FindNextFileA
SetEndOfFile
ReadFile
FileTimeToSystemTime
GetUserDefaultLCID
CreateFileA
GetStringTypeA
GetEnvironmentStrings
GetCurrentDirectoryA
GetLastError
TlsGetValue
GlobalAlloc
InterlockedDecrement
InterlockedIncrement
RtlUnwind
HeapAlloc
DeleteFileA
GlobalUnlock
UnlockFile
SetLocalTime
SetStdHandle
GetFileType
GetDriveTypeA
DeleteCriticalSection
GetTickCount
CompareStringA
GetVersion
HeapReAlloc
GetFileAttributesA
TlsAlloc
GetComputerNameA
SetHandleCount
IsValidCodePage
LCMapStringA
LockFile
GetCPInfo
GetLocaleInfoA
CreateDirectoryA
FreeLibrary
SetLastError
FormatMessageW
SetFilePointer
FindClose
GlobalFree
MultiByteToWideChar
FreeEnvironmentStringsW
SetFileTime
GetStringTypeW
IsDBCSLeadByte
GetFullPathNameA
GetVolumeInformationA
HeapSize
GetCommandLineA
TlsSetValue
GetModuleFileNameA
GetLocalTime
RemoveDirectoryA
HeapFree
CloseHandle
GetEnvironmentStringsA
GetStartupInfoA
FreeEnvironmentStringsA
GetModuleFileNameW
WideCharToMultiByte

user32

keybd_event
GetKeyboardLayout
GetWindowThreadProcessId
CharUpperBuffA
LoadStringA
SetWindowsHookExA
CharToOemA
CharLowerBuffA
FindWindowA
IsWindowVisible
MessageBeep
CharLowerBuffW
CharUpperBuffW
VkKeyScanW
SendMessageA
AttachThreadInput
FindWindowW
GetForegroundWindow
OemToCharA
GetSystemMetrics
SetForegroundWindow
GetWindow
GetKeyboardState
UnhookWindowsHookEx
GetWindowTextA
CallNextHookEx
SetFocus
VkKeyScanA
IsWindowEnabled
GetAsyncKeyState
GetFocus
WaitForInputIdle
SetWindowsHookExW
SetKeyboardState

advapi32

RegEnumValueA
RegDeleteValueA
RegSetValueExA
RegEnumKeyW
LookupPrivilegeValueA
RegQueryInfoKeyA
RegDeleteKeyW
RegDeleteKeyA
RegQueryValueExW
RegCreateKeyA
OpenProcessToken
RegEnumKeyA
RegSetValueExW
AdjustTokenPrivileges
RegOpenKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyW
RegEnumValueW
RegQueryValueExA
RegOpenKeyA

ole32

CoGetClassObject
CoCreateInstance
CoGetMalloc
CreateBindCtx
MkParseDisplayName
CoDisconnectObject
BindMoniker

Sections

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c21083d5fda457b5b825077b25892edf

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 128KB - Virtual size: 128KB

.rdata Size: 65KB - Virtual size: 65KB

.rdata Size: 15KB - Virtual size: 15KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 128KB - Virtual size: 128KB

.rdata
Size: 65KB - Virtual size: 65KB

.rdata
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 2KB - Virtual size: 2KB