c6fe51777dcb23d8e2449d1d63d7eae4090a9fda2955a9e2784ed5cb4825715c

Sharing

Copy URL Twitter E-mail

General

Target

c6fe51777dcb23d8e2449d1d63d7eae4090a9fda2955a9e2784ed5cb4825715c
Size

13KB
MD5

d8d5c791d26387eec5e6629f02f923e5
SHA1

79f6a91d429323fa935a5bf84082bfbc3bc76b87
SHA256

c6fe51777dcb23d8e2449d1d63d7eae4090a9fda2955a9e2784ed5cb4825715c
SHA512

ef53c343190a503a0865f41784874e8c8e3f9e79410c8b0a9e7b02872803b383e11ff32a4a94ae933b89c90714404ac47f271b0019b34d068f74afcf3c93bacc
SSDEEP

192:YUBQD4+cVBIWBhhLzaBq07qf1cKMikaBZhcW+6Aae8PO8U7OFtXiABkJ48fRFvps:jBL+cjbZLWA0Hik2De8P270lkJXfzu+u

Score

N/A

Malware Config

Signatures

Files

c6fe51777dcb23d8e2449d1d63d7eae4090a9fda2955a9e2784ed5cb4825715c
.exe windows x86

f82ab0c61bbf0dbc3bd32dd77e2d9a20

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc

atl

AtlMarshalPtrInProc

gdi32

DPtoLP
SelectObject
SetBkColor
DeleteDC
SaveDC
GetObjectA
DeleteObject
GetDeviceCaps
SetWindowOrgEx
CreateCompatibleDC
CreateFontIndirectA
SetViewportOrgEx
SetTextColor
BitBlt
ExtTextOutA
GetTextMetricsA
CreateSolidBrush
ModifyWorldTransform
RestoreDC
SetGraphicsMode

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

advpack

RegInstall

advapi32

RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegEnumValueA
RegSetValueExA
RegQueryValueExA
RegCloseKey

user32

InvalidateRect
GetWindowRect
DestroyIcon
SendMessageA
SetDlgItemTextA
IsWindow
CharUpperA
MsgWaitForMultipleObjects
GetWindowTextA
DialogBoxParamA
LoadBitmapA
CreateDialogParamA
IsDialogMessageA
CharPrevA
EndDialog
DestroyWindow
TranslateMessage
GetDC
wsprintfA
DispatchMessageA
DrawTextA
SetWindowPos
SetWindowLongA
EnableWindow
IsDlgButtonChecked
CheckDlgButton
GetClientRect
LoadStringA
SetWindowTextA
GetWindowLongA
LoadImageA
ShowWindow
GetSysColor
GetDlgItem
PeekMessageA
SendDlgItemMessageA
MessageBoxA
ReleaseDC

kernel32

GetDiskFreeSpaceA
CloseHandle
DeleteCriticalSection
SetEvent
LocalAlloc
InitializeCriticalSection
lstrlenA
CreateEventA
GetSystemDirectoryA
lstrcmpA
GetProcessHeap
lstrcpynA
LocalFree
HeapReAlloc
GetModuleFileNameA
GetModuleHandleA
CreateThread
GetTickCount
lstrcmpiA
lstrcatA
GetProcAddress
LoadLibraryA
GetWindowsDirectoryA
InterlockedIncrement
HeapFree
lstrcpyA
InterlockedDecrement
DisableThreadLibraryCalls
HeapAlloc
FreeLibrary
VirtualAlloc
HeapSize

ntdll

NtAddAtom

Sections

.textbss
Size: - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f82ab0c61bbf0dbc3bd32dd77e2d9a20

Headers

DLL Characteristics

File Characteristics

Imports

ole32

atl

gdi32

version

advpack

advapi32

user32

kernel32

ntdll

Sections

.textbss Size: - Virtual size: 80KB

.text Size: 512B - Virtual size: 428B

.idata Size: 21KB - Virtual size: 21KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 196B

.textbss
Size: - Virtual size: 80KB

.text
Size: 512B - Virtual size: 428B

.idata
Size: 21KB - Virtual size: 21KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 196B