6ed03f3bdac4bfb20d708441b21e1d3fc4c9464dcb6daa2d76b7d49b6df8372f

Sharing

Copy URL Twitter E-mail

General

Target

6ed03f3bdac4bfb20d708441b21e1d3fc4c9464dcb6daa2d76b7d49b6df8372f
Size

284KB
MD5

098ac7c550b63afb4e4e07fe3db53987
SHA1

fefc8be607cf3271d308cbc350d10544c546a5cc
SHA256

6ed03f3bdac4bfb20d708441b21e1d3fc4c9464dcb6daa2d76b7d49b6df8372f
SHA512

639d36f205fc1cd3aedd522e5ce3f9dd841edf72c36b519ac7c8f0f0fd1510be4213fade4b1b581b6437125707920ddf7945282085888ed2dd39d9848b1a6a65
SSDEEP

3072:qJc2cIJ1ZM6e2pEnc6u6FUmf4aYiWJQCO1+ug9Ms5D12n+GhAwj2wcnocCWZmnp7:qJ0IZMS2nM6pRrWtx2T2wjConWZKplh

Score

N/A

Malware Config

Signatures

Files

6ed03f3bdac4bfb20d708441b21e1d3fc4c9464dcb6daa2d76b7d49b6df8372f
.exe windows x86

902de1fc6d09d485695a3c1f3c6fd6f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

nspr4

PR_snprintf
PR_Read
PR_sscanf
PR_GetOpenFileInfo
PR_Free
PR_Malloc
PR_Close

plc4

PL_strdup
PL_strncmp
PL_strfree
PL_strstr
PL_strcasestr
PL_strcasecmp
PL_strlen

kernel32

GetStdHandle
GetLastError
AllocConsole
CreateMutexA
ExpandEnvironmentStringsA
SetErrorMode
GetEnvironmentVariableA
CloseHandle
CreateThread
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
WideCharToMultiByte
FreeLibrary
WaitForSingleObject
ReleaseMutex
LoadLibraryExA
GetShortPathNameA
CreateProcessA
GetStartupInfoA
SetEnvironmentVariableA

user32

ShowWindow
SetForegroundWindow
DdeCreateDataHandle
SetWindowPos
DestroyMenu
SendMessageA
PostMessageA
KillTimer
MessageBoxA
CreatePopupMenu
AppendMenuW
RegisterWindowMessageA
AppendMenuA
GetPropA
CallWindowProcA
SetPropA
SetParent
GetDlgItem
DdeAccessData
IsIconic
DdeQueryStringA
DdeUninitialize
DdeUnaccessData
DdeFreeStringHandle
DdeCmpStringHandles
DdeInitializeA
DdeCreateStringHandleA
EnableMenuItem
GetCursorPos
TrackPopupMenu
DefWindowProcA
DestroyWindow
RegisterClassA
CreateWindowExA
LoadStringA
FindWindowA
DialogBoxParamA
GetWindowLongA
SetWindowLongA
SetTimer
GetSystemMetrics
EndDialog
LoadImageA
DdeNameService
RemovePropA

gdi32

GetObjectA
DeleteObject

advapi32

RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegQueryValueExA
RegEnumKeyExA
RegDeleteKeyA

shell32

Shell_NotifyIconA

msvcrt

__getmainargs
__p__fmode
_adjust_fdiv
_initterm
__setusermatherr
__p__commode
__set_app_type
_except_handler3
_controlfp
_stat
_access
_strdup
exit
_exit
strchr
strtol
strpbrk
_mbsrchr
_fullpath
strrchr
sprintf
fopen
fgets
isspace
strcpy
malloc
free
getenv
_snprintf
_XcptFilter
_open_osfhandle
_fdopen
??2@YAPAXI@Z
??3@YAXPAX@Z
strlen
strcat
__p___argv
__p___argc
_acmdln
strncpy
printf
fprintf
_iob
setbuf
strcmp
memset
memcpy

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

902de1fc6d09d485695a3c1f3c6fd6f0

Headers

File Characteristics

Imports

nspr4

plc4

kernel32

user32

gdi32

advapi32

shell32

msvcrt

Sections

.text Size: 32KB - Virtual size: 30KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 6KB

.rsrc Size: 120KB - Virtual size: 118KB

.text Size: 112KB - Virtual size: 112KB

.text
Size: 32KB - Virtual size: 30KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 120KB - Virtual size: 118KB

.text
Size: 112KB - Virtual size: 112KB