6baf9c361072d568a02d6d18ef2f750701ee74c773881977e90072f52eb16dad

Sharing

Copy URL Twitter E-mail

General

Target

6baf9c361072d568a02d6d18ef2f750701ee74c773881977e90072f52eb16dad
Size

124KB
MD5

12760267d142e8b26f392676c079ee80
SHA1

8a439ec1c73d8a9a0b329d00a474426a15fbae09
SHA256

6baf9c361072d568a02d6d18ef2f750701ee74c773881977e90072f52eb16dad
SHA512

dfca67631d008cffa487799db79fe9ff56d5a962a36c4f04ebe7846e4993226cdbdde7a8373a1e5ebf40b78c7205094049a30e83d5006ae6bcf683c848014662
SSDEEP

1536:iVJGaeiZ5MysFJPIS8G2fvQT/fPNao17hIeDvoY2LFuRf:ivG29mf23QT/fPNaoJhVYRuRf

Score

N/A

Malware Config

Signatures

Files

6baf9c361072d568a02d6d18ef2f750701ee74c773881977e90072f52eb16dad
.exe windows x86

83207eac55e1cbbc0a22e574da3bbc5f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
CreateMutexA
CreateEventA
GetCurrentThreadId
GetCommandLineA
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
IsDBCSLeadByte
LoadLibraryA
lstrcpyA
lstrcatA
InterlockedIncrement
WaitForSingleObject
CreateThread
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
MultiByteToWideChar
lstrlenW
lstrcmpiA
OpenEventA
SetEvent
lstrcpynA
LoadLibraryExA
GetLastError
FindResourceA
GetVersionExA
GetProcAddress
InterlockedDecrement
LocalFree
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
HeapSize
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetStartupInfoA
CloseHandle
RaiseException
HeapReAlloc
HeapAlloc
IsBadReadPtr
IsBadCodePtr
WriteFile
RtlUnwind
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
GetFileType
SetFilePointer
GetCPInfo
HeapFree
GetACP
GetOEMCP

user32

wsprintfA
CharNextA
PostThreadMessageA
DispatchMessageA
GetMessageA
CreateWindowExA
RegisterClassA
DefWindowProcA

advapi32

RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA

ole32

CoUninitialize
CoRevokeClassObject
CoRegisterClassObject
CoInitialize
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

oleaut32

LoadTypeLi
RegisterTypeLi
VarUI4FromStr
SysFreeString
SysAllocString
VariantClear

hccutils

EnumDspDev

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

83207eac55e1cbbc0a22e574da3bbc5f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

hccutils

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 16KB - Virtual size: 24KB

.rsrc Size: 32KB - Virtual size: 36KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 16KB - Virtual size: 24KB

.rsrc
Size: 32KB - Virtual size: 36KB