6c26fb8692d845f20d5ef15a7a98452d66065ac56ead0e09859d8ba3a4f76a52

Sharing

Copy URL Twitter E-mail

General

Target

6c26fb8692d845f20d5ef15a7a98452d66065ac56ead0e09859d8ba3a4f76a52
Size

167KB
MD5

1d857d95e25b3f2aa32cc23c730ce32f
SHA1

bf434c2ad66e1216b29c21ae64a3876996762d50
SHA256

6c26fb8692d845f20d5ef15a7a98452d66065ac56ead0e09859d8ba3a4f76a52
SHA512

e85ed9bc4fbd47246a2143b0bd41fe570bd7f3682a5fb28943047204a48785ad3afd72f7bac16d65c507a6766f678bb1e9d1a55f4b765c4e710bff3a49d2a840
SSDEEP

3072:OOpz6UoIPffkniQdOhyy9/4lc8l5B7MPPz0b2zH6BSmwN4NBpVza:OOB6Uf8ih9glDl5EcmH6AmhTh

Score

N/A

Malware Config

Signatures

Files

6c26fb8692d845f20d5ef15a7a98452d66065ac56ead0e09859d8ba3a4f76a52
.exe windows x86

fdd48e5d476f97821341c069148a2b6b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AddAce
ChangeServiceConfigW
CloseServiceHandle
ControlService
ConvertStringSecurityDescriptorToSecurityDescriptorW
InitializeSid
OpenSCManagerW
OpenServiceW
RegCloseKey
RegCreateKeyExW
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegSetKeySecurity
RegSetValueExW

setupapi

CMP_Report_LogOn
SetupCloseLog
SetupOpenLog
SetupLogErrorW
SetupDiSetClassInstallParamsW
SetupDiOpenDevRegKey
SetupDiInstallDevice
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassInstallParamsW
SetupDiCreateDevRegKeyW
CM_Create_DevNodeA

user32

ShowWindow
SetWindowTextW
SetWindowLongW
OffsetRect
IsWindowEnabled
GetWindowTextW
GetWindowLongW
GetThreadDesktop
GetParent
EndDialog
EnableWindow
DialogBoxParamW
SendMessageW

shell32

ShellExecuteW
SHSetUnreadMailCountW
SHOpenFolderAndSelectItems

kernel32

CloseHandle
GetCurrentThreadId
GetCurrentProcess
GetComputerNameW
ExitProcess
DisableThreadLibraryCalls
DeviceIoControl
CreateFileW
CompareStringW
GetModuleHandleA
GetModuleHandleW
lstrcmpiW
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
TerminateProcess
SetUnhandledExceptionFilter
SetLastError
GetLastError
MultiByteToWideChar
LocalAlloc
GetWindowsDirectoryW
GetTickCount
GetSystemTimeAsFileTime
GetProcAddress

gdi32

CloseEnhMetaFile

msvcrt

wcscmp
_except_handler3

Exports

Exports

ADoTest
APCMOpen
AllocBuffers
FIsValidFileNameCharW
QueryMemStatus
SetCurrentIndex
StrToUintW

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fdd48e5d476f97821341c069148a2b6b

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

setupapi

user32

shell32

kernel32

gdi32

msvcrt

Exports

Exports

Sections

.text Size: 38KB - Virtual size: 38KB

.rdata Size: 80KB - Virtual size: 80KB

.data Size: 39KB - Virtual size: 39KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 38KB - Virtual size: 38KB

.rdata
Size: 80KB - Virtual size: 80KB

.data
Size: 39KB - Virtual size: 39KB

.rsrc
Size: 8KB - Virtual size: 7KB