8cc06b9c6216a14c6cc2410e755f865598ce90b0c0e674d850e1c25d39430e69

Sharing

Copy URL

Twitter E-mail

General

Target

8cc06b9c6216a14c6cc2410e755f865598ce90b0c0e674d850e1c25d39430e69
Size

3.8MB
MD5

b26577485ebc461b7967b447a3fb2cd0
SHA1

004dd6a10ad81eb59c29e00daf24b3c87850f7ca
SHA256

8cc06b9c6216a14c6cc2410e755f865598ce90b0c0e674d850e1c25d39430e69
SHA512

b777651d6cd29b36a25337954e180c90f7cd418ce42069525ecbab18854e0aa05095daf2bbd557e5fff14ea71f4fd6d9cef8aa01d573937f6677d2cff15ee790
SSDEEP

49152:P3YwWSKin8J2vzfQaKiHKNc8T8A+5MSBfLL0fM0iD9AsCfY:QwzKin0wzfvKMK68ToKSBfv0kbW

Score

N/A

Malware Config

Signatures

Files

8cc06b9c6216a14c6cc2410e755f865598ce90b0c0e674d850e1c25d39430e69
.exe windows x86

7d7f651c3d35fa34286a12cad43fc08a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetFileAttributesA
Sleep
GetCurrentProcess
WideCharToMultiByte
MultiByteToWideChar
IsBadWritePtr
HeapAlloc
GetProcessHeap
CreateMutexA
GetTickCount
FileTimeToSystemTime
CreateFileA
GetModuleHandleExW
ExitProcess
GetLastError
InterlockedCompareExchange
SystemTimeToFileTime
GetModuleHandleA
GetVersionExA
ExitThread
VirtualAlloc
VirtualFree
CloseHandle
GetTempPathA
GetProcAddress
LoadLibraryA
RemoveDirectoryA
IsBadReadPtr
LocalFileTimeToFileTime
WaitForSingleObject
HeapFree
SetLastError
GetCurrentProcessId
DeleteCriticalSection
WriteConsoleW
CreateFileW
GetConsoleCP
FlushFileBuffers
SetStdHandle
LoadLibraryW
OutputDebugStringW
LCMapStringW
HeapReAlloc
LoadLibraryExW
SetEndOfFile
GetModuleHandleW
TlsFree
TlsSetValue
IsProcessorFeaturePresent
ReadFile
GetSystemTimeAsFileTime
RtlUnwind
GetCommandLineA
InterlockedDecrement
AreFileApisANSI
HeapSize
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCurrentThreadId
RaiseException
GetStdHandle
WriteFile
GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetConsoleMode
ReadConsoleW
SetFilePointer
SetFilePointerEx
GetFileType
GetStartupInfoW
GetStringTypeW
GetModuleFileNameA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue

advapi32

RegEnumKeyW
RegCreateKeyExA
RegEnumKeyExW
RegQueryInfoKeyA
RegQueryValueW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyW
RegQueryValueA
RegCreateKeyExW

user32

GetClientRect
SetFocus
RegisterClassExW
SendMessageA
CloseDesktop
RedrawWindow
LoadIconW
RegisterWindowMessageW
GetMessageW
SetWindowPos
PostQuitMessage
TrackPopupMenu
LoadIconA
PostMessageA
GetLastInputInfo
UpdateWindow
SetForegroundWindow
AppendMenuW
RegisterWindowMessageA
SendMessageW
GetDesktopWindow
RegisterClassExA
DestroyWindow
EnumWindows

Sections

.text
Size: 570KB - Virtual size: 569KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d7f651c3d35fa34286a12cad43fc08a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 570KB - Virtual size: 569KB

.rdata Size: 3.1MB - Virtual size: 3.1MB

.data Size: 114KB - Virtual size: 124KB

.rsrc Size: 32KB - Virtual size: 32KB

.reloc Size: 19KB - Virtual size: 18KB

.text
Size: 570KB - Virtual size: 569KB

.rdata
Size: 3.1MB - Virtual size: 3.1MB

.data
Size: 114KB - Virtual size: 124KB

.rsrc
Size: 32KB - Virtual size: 32KB

.reloc
Size: 19KB - Virtual size: 18KB