6461527985bb229adf0c8bfcde80b4deafd05e41bad6b9180f4db0648f63d2c0

Sharing

Copy URL

Twitter E-mail

General

Target

6461527985bb229adf0c8bfcde80b4deafd05e41bad6b9180f4db0648f63d2c0
Size

317KB
MD5

a2820e08374c154e3c749c9f16e365bd
SHA1

1545b15ade67e7dc3f1821305a3beaf4e0340ea0
SHA256

6461527985bb229adf0c8bfcde80b4deafd05e41bad6b9180f4db0648f63d2c0
SHA512

579eca3b3e80a81cb60c2c0b0f63427679e78a8571baec5ceb1b69081265ddf9228931efa0333bd95770956bc0e12c93e5370004bdbb0eb615e3e5f72986407f
SSDEEP

6144:y0wj1ATKxMhofKCn/I5mfFQpXaMRo3DMv0BvoFp+akAOLDCS:y06ATb+2GQ9VoTMzYAOT

Score

N/A

Malware Config

Signatures

Files

6461527985bb229adf0c8bfcde80b4deafd05e41bad6b9180f4db0648f63d2c0
.exe windows x86

cfd56511a6c3f8503cd03d3c7f8dba84

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_SYSTEM

Imports

kernel32

MultiByteToWideChar
LCMapStringW
FlushFileBuffers
HeapReAlloc
HeapSize
LoadLibraryW
GetStringTypeW
GetConsoleMode
GetModuleHandleA
SetFilePointer
IsValidCodePage
GetOEMCP
GetACP
SetStdHandle
WriteConsoleW
CloseHandle
GetCommandLineW
GetLastError
GetProcessHeap
HeapCreate
HeapAlloc
lstrcpyA
GetCPInfo
Sleep
RtlUnwind
HeapFree
RaiseException
GetSystemTimeAsFileTime
GetConsoleCP
LoadLibraryA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
CreateFileW

user32

CloseClipboard
MessageBoxA
EmptyClipboard
LoadMenuA
EndDialog
GetDlgItem
OpenClipboard
EndPaint
CharNextA
LoadBitmapA
SetClipboardData
CopyImage
DefWindowProcA
IsWindowVisible
CreateWindowExA
DestroyWindow
SendMessageA
GetDC
ReleaseDC
SetWindowTextA
GetClientRect
BeginPaint
DrawIconEx

gdi32

DeleteObject
StartDocA
StartPage
TextOutA
EndPage
EndDoc
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetStockObject
PatBlt
EnumFontsA
GetObjectA

shell32

CommandLineToArgvW
SHGetDesktopFolder

version

GetFileVersionInfoW

shlwapi

StrChrA

comctl32

ord17

gdiplus

GdipDisposeImage
GdipSaveImageToFile
GdipCreateBitmapFromHBITMAP
GdiplusStartup

oledlg

ord3

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.relo
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text2
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cfd56511a6c3f8503cd03d3c7f8dba84

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

version

shlwapi

comctl32

gdiplus

oledlg

Sections

.text Size: 37KB - Virtual size: 36KB

.rdata Size: 68KB - Virtual size: 68KB

.data Size: 23KB - Virtual size: 30KB

.relo Size: 62KB - Virtual size: 62KB

.text2 Size: 49KB - Virtual size: 49KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 74KB - Virtual size: 74KB

.text
Size: 37KB - Virtual size: 36KB

.rdata
Size: 68KB - Virtual size: 68KB

.data
Size: 23KB - Virtual size: 30KB

.relo
Size: 62KB - Virtual size: 62KB

.text2
Size: 49KB - Virtual size: 49KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 74KB - Virtual size: 74KB