6b2dcddf5310aa0d071a57303af1777480686c310dae103028c9716124888b40

Sharing

Copy URL Twitter E-mail

General

Target

6b2dcddf5310aa0d071a57303af1777480686c310dae103028c9716124888b40
Size

182KB
MD5

4096c5bc03565d8a6574fddc2425ff4f
SHA1

a96cc01a73ce2de5ffccc1810c6287c46e05f8a5
SHA256

6b2dcddf5310aa0d071a57303af1777480686c310dae103028c9716124888b40
SHA512

0dbaff5dcf9cdefdb3aa755a6a4419b53674dfc7315145159cb74f197122c97188550b1cdf5d47d16d68c6e52ae65474e80c094b066a9834fdcbe1a4f208654c
SSDEEP

3072:+v0rgeUfbpqn8yKpNptXrkUB+l6ZwVMLzVqyZTSSwYUusegbQH/m2F:IalT+N3bBxO2L3pxUqgbQz

Score

N/A

Malware Config

Signatures

Files

6b2dcddf5310aa0d071a57303af1777480686c310dae103028c9716124888b40
.exe windows x86

7c12f2e7709f7c96af2ac7d24338d3aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAppendW
PathRemoveFileSpecW
PathRemoveBackslashW
PathFileExistsW

kernel32

GetModuleHandleW
RemoveDirectoryW
FindNextFileW
DeleteFileW
SetFileAttributesW
FindFirstFileW
MoveFileExW
CopyFileW
CreateDirectoryW
GetModuleFileNameW
ReadFile
GetLastError
ConnectNamedPipe
DisconnectNamedPipe
GlobalFree
CreateNamedPipeW
GlobalAlloc
SetNamedPipeHandleState
CreateFileW
FindFirstFileA
CreateDirectoryA
FindClose
WaitForSingleObject
DuplicateHandle
WriteFile
GetCurrentProcess
LoadLibraryW
GetProcAddress
OpenProcess
CreateFileA
CloseHandle
LocalFree
CompareStringA
CompareStringW
SetEnvironmentVariableA
FlushFileBuffers
GetTempPathW
LCMapStringW
LCMapStringA
SetEndOfFile
GetStringTypeW
MoveFileA
DeleteFileA
GetTempFileNameA
GetTempPathA
SetFileAttributesA
GetFileAttributesA
GetEnvironmentVariableW
MoveFileW
GetTempFileNameW
GetStringTypeA
FreeLibrary
FindNextFileA
CreateMutexW
ReleaseMutex
WideCharToMultiByte
MultiByteToWideChar
EnterCriticalSection
Sleep
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
RtlUnwind
GetCommandLineA
GetVersion
ExitProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapFree
HeapAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
SetFilePointer
HeapReAlloc
HeapSize
VirtualAlloc
IsBadWritePtr
SetStdHandle
InterlockedDecrement
InterlockedIncrement
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA

advapi32

RegisterServiceCtrlHandlerW
SetServiceStatus
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
DuplicateTokenEx
SetTokenInformation
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
CreateProcessAsUserW
OpenProcessToken
AllocateAndInitializeSid
FreeSid
GetSecurityInfo
SetEntriesInAclW
SetSecurityInfo
StartServiceCtrlDispatcherW

shell32

SHGetSpecialFolderPathW
SHGetFolderPathA
SHGetFolderPathW

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameW

userenv

CreateEnvironmentBlock

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7c12f2e7709f7c96af2ac7d24338d3aa

Headers

File Characteristics

Imports

shlwapi

kernel32

advapi32

shell32

psapi

userenv

Sections

.text Size: 72KB - Virtual size: 70KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 19KB

.rsrc Size: 76KB - Virtual size: 76KB

.text
Size: 72KB - Virtual size: 70KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 76KB - Virtual size: 76KB