b82ee6ce764b5baa5c93acc67a15af8cc3d225b257f8b32e441b90843a224b12

Sharing

Copy URL Twitter E-mail

General

Target

b82ee6ce764b5baa5c93acc67a15af8cc3d225b257f8b32e441b90843a224b12
Size

128KB
MD5

25f7ccc71e54084cd1f108635676a8bc
SHA1

49bbcdef6403e261fdbff33b2d57a8c6ac8ad8c8
SHA256

b82ee6ce764b5baa5c93acc67a15af8cc3d225b257f8b32e441b90843a224b12
SHA512

126d0740d682aa5858edf3df75b134d555f614a4faa643a9b761daa77ddd53fe4244e8341ba2062beadb1cb4d57406cf6141ff31a11327c857cd396897a2c376
SSDEEP

3072:uxCQJKE1fyKJT7SsFmiTIGSjf7DqAefJXafWpZ:3QUK5N0iTIHSAWsfWr

Score

N/A

Malware Config

Signatures

Files

b82ee6ce764b5baa5c93acc67a15af8cc3d225b257f8b32e441b90843a224b12
.exe windows x86

6c092cc3d3fa50ae9a31c119cf209cfe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcschr
_beginthreadex
_wcsnicmp
?terminate@@YAXXZ
swprintf
wcsncat
swscanf
_wcsdup
wcscpy
memmove
_ftol
wcslen
_CxxThrowException
malloc
free
_purecall
_wcsicmp
??1type_info@@UAE@XZ
__dllonexit
_onexit
_controlfp
_except_handler3
wcscmp
_exit
_c_exit
__CxxFrameHandler
_XcptFilter
_cexit
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
iswspace
__set_app_type
wcscat

advapi32

RegSetValueExW
RegConnectRegistryW
RegOpenKeyExW
RegCloseKey
OpenThreadToken
RegisterEventSourceW
DeregisterEventSource
SetThreadToken

kernel32

GetTickCount
GlobalUnlock
GlobalLock
GlobalSize
GetCommandLineW
GetFileAttributesExW
GetLastError
GetUserDefaultLCID
GetTimeZoneInformation
CreateDirectoryW
GetTempPathW
WaitForMultipleObjects
GetCurrentThread
SetEnvironmentVariableW
GetEnvironmentVariableW
MultiByteToWideChar
WideCharToMultiByte
WriteFile
SetFilePointer
CreateFileW
lstrlenA
MoveFileExW
ReadFile
GetFileInformationByHandle
DuplicateHandle
GetCurrentProcess
SetFileAttributesW
DeleteFileW
GetModuleHandleA
GetStartupInfoW
RaiseException
LoadLibraryA
LocalAlloc
GetSystemTime
InterlockedExchange
CreateEventW
GetCurrentThreadId
Sleep
CreateThread
ReleaseMutex
ResetEvent
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
SetLastError
lstrcmpiA
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
InterlockedIncrement
InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
lstrlenW
CloseHandle
lstrcpyW
lstrcatW
GetModuleFileNameW
LoadLibraryW
FreeLibrary
WaitForSingleObject
SetEvent
GetProcAddress

user32

LoadStringW
PostThreadMessageW
CharNextW
DispatchMessageW
GetMessageW
MsgWaitForMultipleObjects
TranslateMessage
PeekMessageW

ole32

CoGetCallContext
CLSIDFromString
CoTaskMemAlloc
CoCreateInstance
CoSuspendClassObjects
CoRevokeClassObject
CoInitializeEx
CoInitializeSecurity
CoUninitialize
CoRegisterClassObject

oleaut32

SysAllocStringLen
SysFreeString
LoadRegTypeLi
SysStringLen
VariantInit
VariantTimeToSystemTime
VariantChangeTypeEx
SafeArrayCreateVector
SafeArrayAccessData
VariantChangeType
VariantCopy
VariantClear
SysAllocString
LoadTypeLi
RegisterTypeLi
SystemTimeToVariantTime
SafeArrayUnaccessData

ntdll

_ltow

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

obutbac
Size: 76KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

goytquv
Size: 4KB - Virtual size: 76KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6c092cc3d3fa50ae9a31c119cf209cfe

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

user32

ole32

oleaut32

ntdll

Sections

.text Size: 88KB - Virtual size: 87KB

.data Size: 7KB - Virtual size: 6KB

.rsrc Size: 28KB - Virtual size: 29KB

obutbac Size: 76KB - Virtual size: 104KB

goytquv Size: 4KB - Virtual size: 76KB

.text
Size: 88KB - Virtual size: 87KB

.data
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 28KB - Virtual size: 29KB

obutbac
Size: 76KB - Virtual size: 104KB

goytquv
Size: 4KB - Virtual size: 76KB