6da36901b2ae0e86e2c24076ca954f280341a9afbecd33741a187ecfc33290d6

Sharing

Copy URL

Twitter E-mail

General

Target

6da36901b2ae0e86e2c24076ca954f280341a9afbecd33741a187ecfc33290d6
Size

290KB
MD5

3518361147b8e3df0c49723c500f4da0
SHA1

d12d5a8e78a62dae770872f164df38cd294c678f
SHA256

6da36901b2ae0e86e2c24076ca954f280341a9afbecd33741a187ecfc33290d6
SHA512

e7684588dca0b1eafc3ab505bb55a371d01e4e568a2b5559a88ad1e71fe46c0344a1b0c5bab72dd38a5a737cdbf9201f9690717ae95d279bca170614ffb23926
SSDEEP

6144:1LSM6EIH+vgVh1+B8tb5NJhbNptFT6FZQh6fKFwkz1cTMSADaznbvMNPuZe+4:1u/EMR15N/bNpIiwo1cTMtsZ2

Score

N/A

Malware Config

Signatures

Files

6da36901b2ae0e86e2c24076ca954f280341a9afbecd33741a187ecfc33290d6
.exe windows x86

b0f4df1bdb65f558b7f7ae1bb2cb3165

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetUserNameA
RegCloseKey
RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA

user32

SendMessageA
FindWindowA
GetForegroundWindow
GetCapture
GetClipboardOwner
GetQueueStatus
GetCursorPos

kernel32

SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
HeapSize
GetLocaleInfoA
InterlockedExchange
RtlUnwind
GetTickCount
ReadFile
SetConsoleMode
GetConsoleMode
GetStdHandle
WriteFile
CloseHandle
SetEvent
GetOverlappedResult
WaitForSingleObject
GetLastError
CreateEventA
CreateThread
GetVersionExA
GetProcAddress
LoadLibraryA
FreeLibrary
GetSystemTimeAdjustment
GetSystemTime
GetProcessTimes
GetCurrentProcess
GetThreadTimes
GetCurrentThread
GlobalMemoryStatus
QueryPerformanceCounter
GetCurrentProcessId
FindClose
FindNextFileA
FindFirstFileA
GetWindowsDirectoryA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetCurrentThreadId
CreateProcessA
SetHandleInformation
CreatePipe
GetFileTime
GetFileSize
CreateFileA
SetFileTime
SetFilePointer
GetFileAttributesA
CreateDirectoryA
WaitForMultipleObjects
GetEnvironmentVariableA
GetLocalTime
GetModuleFileNameA
GetTimeFormatA
GetDateFormatA
HeapAlloc
HeapReAlloc
HeapFree
GetSystemTimeAsFileTime
ExitProcess
GetModuleHandleA
TerminateProcess
DeleteFileA
GetCommandLineA
FlushFileBuffers
WideCharToMultiByte
GetTimeZoneInformation
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetHandleCount
GetFileType
GetStartupInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetACP
GetOEMCP
GetCPInfo
SetStdHandle

Sections

.text
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

XOR
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b0f4df1bdb65f558b7f7ae1bb2cb3165

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

.text Size: 208KB - Virtual size: 207KB

.rdata Size: 64KB - Virtual size: 62KB

.data Size: 4KB - Virtual size: 21KB

.rsrc Size: 8KB - Virtual size: 5KB

XOR Size: 2KB - Virtual size: 2KB

.text
Size: 208KB - Virtual size: 207KB

.rdata
Size: 64KB - Virtual size: 62KB

.data
Size: 4KB - Virtual size: 21KB

.rsrc
Size: 8KB - Virtual size: 5KB

XOR
Size: 2KB - Virtual size: 2KB