606b26612eb23f45e73c1b9e741b860dd3385c87c05bc67e658362cb152d6378

General

Target

606b26612eb23f45e73c1b9e741b860dd3385c87c05bc67e658362cb152d6378
Size

266KB
MD5

e6faab9c5833eceedf7768f8de64b70d
SHA1

2d58591e9c640684ae251ea3263b329344e7f11c
SHA256

606b26612eb23f45e73c1b9e741b860dd3385c87c05bc67e658362cb152d6378
SHA512

3b1aa6c8cd93752a4a5ee2aa4ecdaf6f5fea87573c3e6a1474ea76018d089d5d3aa402c82a60be4943d83d42668b21da1713cca7d22156747fefa90dc2a1f837
SSDEEP

6144:Sywl+sz/FrHrWkWjl3a1GH/DHj35VxXLGGwrwRoMI:Syk/h2K8bHj3xX/swRTI

Score

N/A

Malware Config

Signatures

Files

606b26612eb23f45e73c1b9e741b860dd3385c87c05bc67e658362cb152d6378
.exe windows x86

f9ace1151848268953bdfab131ac4664

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtResumeThread
NtProtectVirtualMemory
NtOpenEvent
ZwQueryInformationThread
RtlExitUserThread
NtQuerySystemTime

kernel32

VirtualProtect
HeapDestroy
GetConsoleMode
MoveFileW
GetFileAttributesW
GetSystemTimeAsFileTime
GetPrivateProfileStringA
WritePrivateProfileSectionA
FlushFileBuffers
GetEnvironmentStrings
GetModuleHandleW
CreateDirectoryW
SetFilePointer
VirtualAlloc
VirtualAlloc
GetCurrentThreadId
CompareStringA
MoveFileWithProgressW
Sleep
SizeofResource
ReadFile
GetTempPathA
GetVolumeInformationA
FreeLibrary
Module32First
GetCurrentProcess
GetProcessHeap
FindNextFileW
LocalFree
GetTimeZoneInformation
lstrlenW
GetStringTypeA
TerminateThread
SetPriorityClass
FreeEnvironmentStringsW
DeleteFileA
CreateEventA
Module32Next
GetCurrentThread
GetFileAttributesExW
DeleteCriticalSection
LocalFileTimeToFileTime
GetModuleFileNameW
SetLastError
lstrcmpA
LoadLibraryExW
GetProcessTimes
GetDateFormatW
DisableThreadLibraryCalls
QueryPerformanceCounter
SetUnhandledExceptionFilter
RtlUnwind
GetFileTime
TlsGetValue
HeapAlloc
lstrcpyA
GlobalLock
GetSystemDefaultLCID
HeapSize
GetLocaleInfoA
GetSystemTimeAsFileTime
GetPrivateProfileSectionA
GetTimeFormatW
ReleaseSemaphore
CreateDirectoryA
LoadLibraryExA
LoadLibraryA
SetThreadPriority
WritePrivateProfileStringA
RemoveDirectoryW
WriteProcessMemory
CopyFileExW
WideCharToMultiByte
InterlockedDecrement

Sections

.text
Size: 194KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9ace1151848268953bdfab131ac4664

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

kernel32

Sections

.text Size: 194KB - Virtual size: 194KB

.data Size: 66KB - Virtual size: 65KB

.rsrc Size: 5KB - Virtual size: 8KB

.text
Size: 194KB - Virtual size: 194KB

.data
Size: 66KB - Virtual size: 65KB

.rsrc
Size: 5KB - Virtual size: 8KB