7bd691249aaf6e6d010b073092fd47b8a991301f860797976c1b1db0e0707688

Sharing

Copy URL

Twitter E-mail

General

Target

7bd691249aaf6e6d010b073092fd47b8a991301f860797976c1b1db0e0707688
Size

6.0MB
MD5

6d7ea69e5d61cca8e791d113c6c0a473
SHA1

b5923c96684fcffa2c095f9ae9dc540e4866b58c
SHA256

7bd691249aaf6e6d010b073092fd47b8a991301f860797976c1b1db0e0707688
SHA512

8df819785501923ece673431d5b23e60511a8d4ca6a2e1af545fbbca6f9a4e45999a144b6132b40fa43af42988d1b8ff89a66baf0d34a57fd3c2660681ce8531
SSDEEP

98304:+YY0blOKTwZiHn/i6qxWveJ4V5kVdge9O+RPHaphxvqUpATUI5v:+YY0blOqw1FWveJHg+YzqUpAAI

Score

N/A

Malware Config

Signatures

Files

7bd691249aaf6e6d010b073092fd47b8a991301f860797976c1b1db0e0707688
.exe windows x86

0611088882d987734cc8283144ff5683

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetLastError
LeaveCriticalSection
CreateMutexA
CloseHandle
ResumeThread
FileTimeToLocalFileTime
GetTickCount
GetProcAddress
EnterCriticalSection
ExitThread
ReadFile
GetModuleHandleA
GetVersionExA
GetModuleHandleExW
Sleep
VirtualProtect
GetCurrentThreadId
HeapAlloc
GetProcessHeap
HeapFree
GetLocalTime
DeleteCriticalSection
InitializeCriticalSection
GetCurrentProcess
WaitForSingleObject
GetCurrentThread
SetLastError
VirtualFree
InterlockedCompareExchange
VirtualAlloc
FlushFileBuffers
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
HeapReAlloc
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
GetModuleHandleW
CreateFileW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
RtlUnwind
GetCommandLineA
InterlockedDecrement
ExitProcess
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
HeapSize
RaiseException
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
WideCharToMultiByte
GetFileType
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW

advapi32

RegCreateKeyA
RegQueryValueW
RegOpenKeyExA
RegQueryValueA
RegCreateKeyExW
RegCloseKey
RegOpenKeyW
RegEnumValueW
RegQueryInfoKeyW

user32

CreatePopupMenu
RegisterWindowMessageA
LoadIconA
PostMessageA
RedrawWindow
ShowWindow
GetWindowTextW
LoadIconW
DefWindowProcW
MessageBoxW
SetForegroundWindow
UpdateWindow
SetWindowPos
SendMessageA
CheckMenuItem
GetWindowTextA
RegisterWindowMessageW
TrackPopupMenu
CloseDesktop
RegisterClassExW
SendMessageW
DestroyWindow
DispatchMessageW
MsgWaitForMultipleObjects
GetMessageW
GetCursorPos
RegisterClassExA

Sections

.text
Size: 430KB - Virtual size: 430KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 365KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5.1MB - Virtual size: 5.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0611088882d987734cc8283144ff5683

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 430KB - Virtual size: 430KB

.rdata Size: 365KB - Virtual size: 364KB

.data Size: 5.1MB - Virtual size: 5.2MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 29KB - Virtual size: 28KB

.text
Size: 430KB - Virtual size: 430KB

.rdata
Size: 365KB - Virtual size: 364KB

.data
Size: 5.1MB - Virtual size: 5.2MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 29KB - Virtual size: 28KB