6c4bb3431d462b6c0bc6f49da3ba5f0a2731671c2fe9c2ef0709f0b6aa40d3dd

General

Target

6c4bb3431d462b6c0bc6f49da3ba5f0a2731671c2fe9c2ef0709f0b6aa40d3dd
Size

209KB
MD5

1a4f46702b65ac94bb3d17be7b24d0d8
SHA1

442477ffd7f202f1c73e8e951561a8c9d457b0d0
SHA256

6c4bb3431d462b6c0bc6f49da3ba5f0a2731671c2fe9c2ef0709f0b6aa40d3dd
SHA512

b35dce566410cb4f331ef6c904c94ef5788a6b1060322485f54a99d7b752102bad2fa700a406380740b3a8ac58d248e3bea2bcd21624eaa5407899130860d893
SSDEEP

3072:OiFRf6xBN/9S4YsIxqVAmDzNsyhNrlZPITUNya9Uyg5bL1E31Qa8w7vOuR1UQOEc:fKxrEonRbjrllIT5mqQ31JnRuF

Score

N/A

Malware Config

Signatures

Files

6c4bb3431d462b6c0bc6f49da3ba5f0a2731671c2fe9c2ef0709f0b6aa40d3dd
.exe windows x86

b0dd44e1384a38720c492f250b3fd0ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA
CharNextA

pdh

PdhAdd009CounterA
PdhBrowseCountersA
PdhAddCounterW
PdhAddCounterA
PdhBindInputDataSourceA
PdhBindInputDataSourceW

kernel32

SetUnhandledExceptionFilter
GlobalMemoryStatus
LockResource
DeviceIoControl
HeapAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
SystemTimeToFileTime
FreeResource
CreateFileA
CloseHandle
lstrcpyA
GetEnvironmentStringsA
QueryDosDeviceA
LoadLibraryW
lstrlenA
lstrcmpA
LoadResource
GetLocalTime
SetLastError
GetVolumeInformationA
HeapFree
GetTickCount
QueryPerformanceCounter
WideCharToMultiByte
GetCurrentProcess
MultiByteToWideChar
GetModuleHandleW
FindResourceA
GetProcessHeap

advapi32

RegOpenKeyW
RegOpenKeyExA
RegQueryValueExW
RegCloseKey
RegQueryValueExA

osuninst

ProvideUiAlerts
IsUninstallImageValid
RemoveUninstallImage
GetUninstallImageSize

pautoenr

CertAutoRemove
CertAutoEnrollment

panmap

DllGetClassObject
DllCanUnloadNow

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0dd44e1384a38720c492f250b3fd0ef

Headers

File Characteristics

Imports

user32

pdh

kernel32

advapi32

osuninst

pautoenr

panmap

Sections

.text Size: 81KB - Virtual size: 80KB

.rdata Size: 74KB - Virtual size: 73KB

.data Size: 49KB - Virtual size: 6.1MB

.rsrc Size: 1024B - Virtual size: 1000B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 81KB - Virtual size: 80KB

.rdata
Size: 74KB - Virtual size: 73KB

.data
Size: 49KB - Virtual size: 6.1MB

.rsrc
Size: 1024B - Virtual size: 1000B

.reloc
Size: 2KB - Virtual size: 1KB