6ca42df0a259e470820e8d104955e4fd663256a18f104a306ea686d5ef8f1297

General

Target

6ca42df0a259e470820e8d104955e4fd663256a18f104a306ea686d5ef8f1297
Size

3.6MB
MD5

e93e9253179aff316176cccdad89baf8
SHA1

2c4881f1057d2965521ce1c386dddcd0b683873c
SHA256

6ca42df0a259e470820e8d104955e4fd663256a18f104a306ea686d5ef8f1297
SHA512

6ff525d010051f4b0b4fb454a45d1f8161136eeaf78de0656c30ce9c17e205c288eed4402f05925005c0ab982c39198fde9b72e0611b7b31201d096ef405b451
SSDEEP

49152:gzi6MMmn1JXjRxdP5pnHSXal214GnTYitRlyguOPELqUryjFA43NYeP4m2ZgFkpp:A/Mbn1J7ZyXUiggl8LqU2Bd3PTogFAz9

Score

N/A

Malware Config

Signatures

Files

6ca42df0a259e470820e8d104955e4fd663256a18f104a306ea686d5ef8f1297
.exe windows x86

0ebde510ade0dc483756bb3db5e5538b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetCurrentThreadId
ExitProcess
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetCommandLineA
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
GetModuleFileNameA
FreeLibrary
HeapFree
HeapReAlloc
HeapAlloc
GetProcessHeap
WriteProcessMemory
VirtualAllocEx
SizeofResource
SetThreadContext
ResumeThread
ReadProcessMemory
LockResource
LoadResource
GlobalUnlock
GlobalReAlloc
GlobalHandle
GlobalLock
GlobalFree
GlobalAlloc
GetThreadContext
FindResourceA
CreateProcessA

user32

CharNextA

oleaut32

SysFreeString
SysReAllocStringLen

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

advapi32

RegDeleteKeyA

shell32

SHGetFolderPathW

Sections

CODE
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 766KB - Virtual size: 768KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ebde510ade0dc483756bb3db5e5538b

Headers

File Characteristics

Imports

kernel32

user32

oleaut32

msvcrt

iphlpapi

psapi

advapi32

shell32

Sections

CODE Size: 2.9MB - Virtual size: 2.9MB

.sedata Size: 766KB - Virtual size: 768KB

.idata Size: 1KB - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 4KB

.sedata Size: 4KB - Virtual size: 4KB

CODE
Size: 2.9MB - Virtual size: 2.9MB

.sedata
Size: 766KB - Virtual size: 768KB

.idata
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 4KB

.sedata
Size: 4KB - Virtual size: 4KB