f64ffa7c6b17e8b0dc6cab0e4c3665f85861e6f87b8b318eb39448550bf3c7d8

Sharing

Copy URL

Twitter E-mail

General

Target

f64ffa7c6b17e8b0dc6cab0e4c3665f85861e6f87b8b318eb39448550bf3c7d8
Size

4.6MB
MD5

deccbdcc495fd0426959cfbb72b4a0df
SHA1

ef872a61a81f609711cd458c68357a8692246b2c
SHA256

f64ffa7c6b17e8b0dc6cab0e4c3665f85861e6f87b8b318eb39448550bf3c7d8
SHA512

72c6025be5c19349cf20de36d7c9f377a47dfff8e01d34297747c48603d13c24523f6938b6ae87acf3b2105dbfb35cdbd9e8bc9e55d20fa11855fad257b163e5
SSDEEP

49152:9iBJ2SpAZG133gmLEI10XOv0TP6oYlCXTAkA+ZuK2rFPIWoiwVdNFWPE/B/u:sUMp13QmQI10XOcTP+mrcZHf+Wc/d

Score

N/A

Malware Config

Signatures

Files

f64ffa7c6b17e8b0dc6cab0e4c3665f85861e6f87b8b318eb39448550bf3c7d8
.exe windows x86

6e7a8631427a95146418b9180d800024

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetTempPathA
CloseHandle
GetFileAttributesA
SystemTimeToFileTime
GetCurrentProcess
WideCharToMultiByte
MultiByteToWideChar
ExitProcess
GetProcessHeap
HeapAlloc
HeapFree
CreateMutexA
GetModuleHandleExW
LoadLibraryA
GetLastError
InterlockedCompareExchange
SetLastError
DisableThreadLibraryCalls
GetModuleHandleA
GetVersionExA
DeleteCriticalSection
LocalFileTimeToFileTime
WaitForSingleObject
FileTimeToSystemTime
VirtualAlloc
VirtualFree
GetProcAddress
ExitThread
RemoveDirectoryA
GetTickCount
ReadFile
GetCurrentThread
HeapReAlloc
Sleep
ResumeThread
WriteConsoleW
CreateFileW
GetConsoleCP
FlushFileBuffers
SetStdHandle
LoadLibraryW
OutputDebugStringW
LCMapStringW
LoadLibraryExW
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetEndOfFile
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
RtlUnwind
GetCommandLineA
InterlockedDecrement
AreFileApisANSI
HeapSize
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCurrentThreadId
RaiseException
GetStdHandle
WriteFile
GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
SetFilePointer
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetFileType
GetStartupInfoW
GetStringTypeW
GetModuleFileNameA

advapi32

RegOpenKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyW
RegQueryInfoKeyA

user32

MsgWaitForMultipleObjects
GetWindowTextW
MessageBoxW
DispatchMessageW
GetClientRect
DefWindowProcW
TranslateMessage
SetForegroundWindow
RegisterClassExW
RedrawWindow
SendMessageA
SetWindowPos
RegisterWindowMessageW
UpdateWindow
PostQuitMessage
CreatePopupMenu
LoadIconA
RegisterWindowMessageA
RegisterClassExA
SendMessageW
PeekMessageW
GetParent
BringWindowToTop
LoadIconW
MessageBoxA
TrackPopupMenu
GetSystemMetrics
EnumWindows
SetFocus
GetDesktopWindow
GetWindowRect
PostMessageW

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 125KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e7a8631427a95146418b9180d800024

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 3.0MB - Virtual size: 3.0MB

.data Size: 125KB - Virtual size: 135KB

.rsrc Size: 32KB - Virtual size: 32KB

.reloc Size: 25KB - Virtual size: 24KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 3.0MB - Virtual size: 3.0MB

.data
Size: 125KB - Virtual size: 135KB

.rsrc
Size: 32KB - Virtual size: 32KB

.reloc
Size: 25KB - Virtual size: 24KB