6ca1845ed0e08ca8bde5cd784f42c7f376ee725c7d2249cd0cfa98599af1c3de

Sharing

Copy URL

Twitter E-mail

General

Target

6ca1845ed0e08ca8bde5cd784f42c7f376ee725c7d2249cd0cfa98599af1c3de
Size

498KB
MD5

f912e369d776e7c9bc6cd76d4dd86679
SHA1

2f926704fa46a67af9d476967153f9664665d1f7
SHA256

6ca1845ed0e08ca8bde5cd784f42c7f376ee725c7d2249cd0cfa98599af1c3de
SHA512

6e712c112eb5174522d723f6215dd79c065fa55b513ae981d700428526c9d111ddb4558cc96134e08fb1b3bde0484262fdbbd671d74099535f67d4b44b6aca1d
SSDEEP

6144:IKCw2IKsPz9h2J7w56HmN3hlHT0dO4DiZSSmK419kUS6upmvppZXVAUHD6LtSPod:oIKsO5JmN3hlHTgOV4gU/qED7Bj6IPVC

Score

N/A

Malware Config

Signatures

Files

6ca1845ed0e08ca8bde5cd784f42c7f376ee725c7d2249cd0cfa98599af1c3de
.exe windows x86

6bd55bd524680ff5bba25e6eeaf8ad26

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EraseTape
GlobalUnlock
CreateEventW
GetTempFileNameA
GetSystemTimeAsFileTime
CreateNamedPipeA
GetTimeZoneInformation
GetConsoleOutputCP
GetLocaleInfoA
GlobalWire
GetVolumeInformationW
GetLocalTime
CreateFileMappingA
GetModuleHandleW
Beep
GenerateConsoleCtrlEvent
GetSystemDirectoryW
GetCommModemStatus
EnumResourceLanguagesA
GetSystemTimeAdjustment
GetModuleHandleA
GetComputerNameW
GetNumberFormatA
GetVolumeInformationA
GlobalFree
GetTimeFormatA
ExitProcess
GetStartupInfoA

user32

DrawIconEx

msvcrt

__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__set_app_type
exit
_exit
_controlfp
__dllonexit
_onexit
_except_handler3
_acmdln
_XcptFilter

rpcrt4

NdrServerContextMarshall
RpcServerInqDefaultPrincNameA
NdrComplexArrayUnmarshall
enum_from_ndr
RpcSmAllocate
RpcServerRegisterIf
RpcServerUseProtseqA
I_RpcIfInqTransferSyntaxes
NdrConvert2
RpcMgmtInqDefaultProtectLevel
NdrConformantVaryingArrayUnmarshall
NdrServerCall2
I_RpcAsyncSetHandle
I_RpcGetCurrentCallHandle
RpcServerUseProtseqEpA
RpcSsFree
MesEncodeFixedBufferHandleCreate
NdrFixedArrayFree
RpcSmSwapClientAllocFree
NdrOleAllocate
double_from_ndr
I_RpcNsBindingSetEntryNameA
NdrInterfacePointerUnmarshall
RpcSmSetThreadHandle
NDRCContextUnmarshall
MesBufferHandleReset
NdrComplexStructUnmarshall
RpcRaiseException
I_RpcGetBuffer

shell32

SHGetDiskFreeSpaceA
DuplicateIcon

rasapi32

RasGetCountryInfoA

lz32

LZRead

shlwapi

SHDeleteEmptyKeyW
SHRegGetBoolUSValueW
SHRegEnumUSKeyA
SHDeleteValueA
SHQueryInfoKeyA
PathSetDlgItemPathA
PathIsRootW
PathAddBackslashA
SHRegGetUSValueA
PathRemoveArgsA
PathFindOnPathA
PathFindExtensionW
PathIsDirectoryA
PathIsUNCServerShareW
PathIsSystemFolderA

ole32

OleCreateLinkToFile

resutils

ResUtilStartResourceService
ResUtilSetPropertyParameterBlock

comdlg32

ChooseColorW

winmm

waveInReset
joySetCapture
midiInGetNumDevs
mixerGetLineControlsA
mixerGetControlDetailsA
waveInClose

winspool.drv

ConnectToPrinterDlg

gdi32

InvertRgn
BitBlt
ExtTextOutW
ResizePalette

msi

ord58
ord31

oleaut32

VarUI4FromBool
VarI1FromBool

wininet

GetUrlCacheEntryInfoExW
InternetDial
FtpGetFileW
InternetAttemptConnect
InternetQueryOptionW
FtpDeleteFileA
InternetGetLastResponseInfoA
InternetReadFileExW
HttpSendRequestA
InternetCheckConnectionA

imagehlp

ImageGetCertificateHeader
SetImageConfigInformation
StackWalk
SymUnDName

comctl32

ImageList_LoadImageA

advapi32

RegOpenKeyW
RegEnumKeyA
ReportEventW
IsValidSid
IsValidSecurityDescriptor
GetSecurityDescriptorControl
QueryServiceConfigA
DeregisterEventSource
EnumDependentServicesW
GetMultipleTrusteeA
RegUnLoadKeyA
LsaSetTrustedDomainInformation
MakeSelfRelativeSD
OpenServiceW
RegEnumValueW
BuildImpersonateExplicitAccessWithNameA
AddAccessDeniedAce
InitializeAcl

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6bd55bd524680ff5bba25e6eeaf8ad26

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

rpcrt4

shell32

rasapi32

lz32

shlwapi

ole32

resutils

comdlg32

winmm

winspool.drv

gdi32

msi

oleaut32

wininet

imagehlp

comctl32

advapi32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 2.4MB

.rsrc Size: 4KB - Virtual size: 888B

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 2.4MB

.rsrc
Size: 4KB - Virtual size: 888B