52979f4467861dfa2bb5226b7cd02780db0af0c60e7bce157538ff1090f073b0

Sharing

Copy URL

Twitter E-mail

General

Target

52979f4467861dfa2bb5226b7cd02780db0af0c60e7bce157538ff1090f073b0
Size

271KB
MD5

6e5c770642e74febfbc609703959e39a
SHA1

2fe21b85b7c1652e5db461dcce6729410a529379
SHA256

52979f4467861dfa2bb5226b7cd02780db0af0c60e7bce157538ff1090f073b0
SHA512

49cd9402c45ca89cba868602badae53b2a5db7aad60270b4dd516aa3b47685ab70c036c44c55ec6bf64763bfb468292c4643bf71d83be09ca9cd37dac8986a3b
SSDEEP

6144:V6Y4SDmnkDTrYCL2th1i4XPW42cglluj4bQpnofsn:V6Y4SDmnkoLi4+/f8Mbyo

Score

N/A

Malware Config

Signatures

Files

52979f4467861dfa2bb5226b7cd02780db0af0c60e7bce157538ff1090f073b0
.exe windows x86

6e46c4c5e81ddd011970bb5145dc6c27

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GetFileSize
GetCurrentDirectoryA
GetCommandLineA
RtlUnwind
GetTimeZoneInformation
GetDateFormatA
ExitThread
HeapSize
HeapDestroy
CreateProcessA
GetACP
SetConsoleCtrlHandler
TlsSetValue
FreeLibrary
WideCharToMultiByte
FlushFileBuffers
WriteConsoleA
DeleteFileA
CloseHandle
GetThreadContext
CreateFileW
SetFileAttributesW
VirtualFree
FreeEnvironmentStringsW
FileTimeToSystemTime
RemoveDirectoryA
TlsGetValue
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
WriteConsoleW
GetModuleHandleW
MoveFileW
GetConsoleOutputCP
GetDriveTypeW
ResumeThread
LocalUnlock
CreateEventA
SetFileTime
CreateSemaphoreA
WriteFile
TlsAlloc
FindClose
SetCurrentDirectoryA
LocalAlloc
DuplicateHandle
GetThreadPriority
IsValidCodePage
AreFileApisANSI
GetFullPathNameW
DeleteCriticalSection
LCMapStringW
SetThreadPriority
IsValidLocale
RaiseException
LocalFree
DisableThreadLibraryCalls
SystemTimeToFileTime
SetThreadContext
DeleteFileW
GetProcessAffinityMask
FindFirstFileA
OpenProcess
FreeEnvironmentStringsA
GetModuleHandleA
GetFileInformationByHandle
ResetEvent
SetStdHandle
TlsFree
SetUnhandledExceptionFilter
GetTempPathW
HeapReAlloc
GetOEMCP
GetTimeFormatA
GetUserDefaultLCID
ReadFile
PeekNamedPipe
SetLastError
CompareStringA
UnhandledExceptionFilter
CompareStringW
LCMapStringA
GetFileType
WaitForMultipleObjects
CreateDirectoryW
CreateFileA
GetProcessHeap
CreateDirectoryA
GetConsoleCP
GetConsoleMode
SetFilePointer
MoveFileA
FatalAppExitA
HeapAlloc
HeapFree
FindFirstFileW
LocalFileTimeToFileTime
SetHandleCount
SetFileAttributesA
CreateThread
LeaveCriticalSection
SetEnvironmentVariableA
GetFullPathNameA
GetTempPathA
GetFileTime
EnumSystemLocalesA
GetSystemTimeAsFileTime
GetDriveTypeA
GetStdHandle
LocalLock
EnterCriticalSection
GetCurrentThreadId
IsDBCSLeadByte
ReleaseSemaphore
SetEndOfFile
VirtualAlloc
SuspendThread
FindNextFileA
CreateMutexA
VirtualAllocEx

user32

CharUpperA
OemToCharBuffA
CharToOemBuffA
CharToOemA
CharLowerA
OemToCharA

ws2_32

WSAGetLastError
WSASetLastError

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

dbghelp

MakeSureDirectoryPathExists
SymEnumTypes
EnumerateLoadedModules
SymRegisterFunctionEntryCallback
SymGetLineFromAddr
SymEnumerateModules
MiniDumpWriteDump
StackWalk

ntlanman

I_SystemFocusDialog

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.WkwxrQq
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.HvHEok
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.TkZzJo
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oKNgU
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.VZMMHEE
Size: 512B - Virtual size: 246B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vZhSceL
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vGNrf
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wKQY
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.KfWxDw
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qGHN
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6e46c4c5e81ddd011970bb5145dc6c27

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

advapi32

dbghelp

ntlanman

Sections

.text Size: 99KB - Virtual size: 99KB

.WkwxrQq Size: 4KB - Virtual size: 4KB

.HvHEok Size: 3KB - Virtual size: 2KB

.TkZzJo Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 77KB

.rdata Size: 129KB - Virtual size: 128KB

.oKNgU Size: 3KB - Virtual size: 3KB

.VZMMHEE Size: 512B - Virtual size: 246B

.rsrc Size: 5KB - Virtual size: 5KB

.vZhSceL Size: 4KB - Virtual size: 3KB

.vGNrf Size: 1KB - Virtual size: 1KB

.wKQY Size: 1024B - Virtual size: 792B

.KfWxDw Size: 5KB - Virtual size: 4KB

.qGHN Size: 1KB - Virtual size: 1KB

.text
Size: 99KB - Virtual size: 99KB

.WkwxrQq
Size: 4KB - Virtual size: 4KB

.HvHEok
Size: 3KB - Virtual size: 2KB

.TkZzJo
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 77KB

.rdata
Size: 129KB - Virtual size: 128KB

.oKNgU
Size: 3KB - Virtual size: 3KB

.VZMMHEE
Size: 512B - Virtual size: 246B

.rsrc
Size: 5KB - Virtual size: 5KB

.vZhSceL
Size: 4KB - Virtual size: 3KB

.vGNrf
Size: 1KB - Virtual size: 1KB

.wKQY
Size: 1024B - Virtual size: 792B

.KfWxDw
Size: 5KB - Virtual size: 4KB

.qGHN
Size: 1KB - Virtual size: 1KB