6e617f33f05d5899a0f7963289d4a30a688ab9596c2d4cf48d93d0a3c2d91afb

Sharing

Copy URL Twitter E-mail

General

Target

6e617f33f05d5899a0f7963289d4a30a688ab9596c2d4cf48d93d0a3c2d91afb
Size

5.9MB
MD5

5d6ff81292b7078f6d02d163bf5dcbc5
SHA1

2133d14eb131da7042868f306b0f57af4bfb0ff2
SHA256

6e617f33f05d5899a0f7963289d4a30a688ab9596c2d4cf48d93d0a3c2d91afb
SHA512

77f96a5119918b2c7546137093a1aa8f40e93576a7a2da60fc2e891e59c3e76e3550ae241646da6abbed0d9e5370af31bd021e2aabbb4956ab3300e3c8b276a9
SSDEEP

98304:zjKdUahWWFy27I9bwCJw//GjQ9BwkurUBzUhtBtf82duAV3KcOqjuKKRY74kRQYW:zjKdUad8bpeLsj+whtP1QAV6mjAY74e2

Score

N/A

Malware Config

Signatures

Files

6e617f33f05d5899a0f7963289d4a30a688ab9596c2d4cf48d93d0a3c2d91afb
.exe windows x86

6ea18751a4e9c48d21b2bf78d7a1cf92

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
HeapFree
LoadLibraryA
CreateMutexA
CloseHandle
GetCurrentProcess
GetLastError
GetProcAddress
InterlockedCompareExchange
GetProcessHeap
GetVersionExA
EnterCriticalSection
FileTimeToLocalFileTime
GetLocalTime
GetModuleHandleExW
DeleteCriticalSection
VirtualProtect
ExitProcess
GetCurrentThread
DuplicateHandle
IsBadWritePtr
GetTickCount
Sleep
DisableThreadLibraryCalls
SetLastError
CreateFileW
VirtualFree
GetModuleHandleA
VirtualAlloc
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
HeapReAlloc
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
LeaveCriticalSection
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
FlushFileBuffers
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetStartupInfoW
IsProcessorFeaturePresent
RtlUnwind
GetCommandLineA
InterlockedDecrement
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
HeapSize
RaiseException
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
GetCurrentThreadId
WideCharToMultiByte
GetFileType
InitializeCriticalSectionAndSpinCount

advapi32

RegCreateKeyA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExW
RegQueryValueW
RegCreateKeyW
RegEnumKeyExW

user32

MessageBoxW
PostMessageA
CreateWindowExW
MessageBoxA
DispatchMessageW
GetClientRect
TranslateMessage
CheckMenuItem
RegisterClassExA
GetWindowRect
LoadIconA
UpdateWindow
GetWindowTextA
SendMessageW
SetWindowPos
RedrawWindow
PostQuitMessage
AppendMenuW
LoadIconW
RegisterWindowMessageW
SetForegroundWindow
GetParent
GetWindowTextW
RegisterWindowMessageA
GetLastInputInfo
GetCursorPos
SendMessageA
GetSystemMetrics
ShowWindow
RegisterClassExW
MsgWaitForMultipleObjects
DefWindowProcA
PostMessageW

Sections

.text
Size: 523KB - Virtual size: 523KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 539KB - Virtual size: 539KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4.8MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ea18751a4e9c48d21b2bf78d7a1cf92

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 523KB - Virtual size: 523KB

.rdata Size: 539KB - Virtual size: 539KB

.data Size: 4.8MB - Virtual size: 4.8MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 29KB - Virtual size: 28KB

.text
Size: 523KB - Virtual size: 523KB

.rdata
Size: 539KB - Virtual size: 539KB

.data
Size: 4.8MB - Virtual size: 4.8MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 29KB - Virtual size: 28KB