a6b6af5dadd6842c420fe3499b82d125004958bb9cfb4a8f970487bf8305198e

Sharing

Copy URL Twitter E-mail

General

Target

a6b6af5dadd6842c420fe3499b82d125004958bb9cfb4a8f970487bf8305198e
Size

172KB
MD5

5a37a7e4f64670a17faedbdb83e73d63
SHA1

406f665f5613dace2d2cbb3d215300f733e2a2c8
SHA256

a6b6af5dadd6842c420fe3499b82d125004958bb9cfb4a8f970487bf8305198e
SHA512

fc9348f7529bd55be694c6e9d74c94b58eeee0d7146b0f783746343e559f46d8f213642f7cef345c2a41c8f4861615d959a2c216f94dbf19ab2758ee2a634f2a
SSDEEP

3072:8Rn+vNI6Lhi8rK3hMhN4j2vGf6tcMbixY1hVbuffgSny46V0:8Rn+vNI6hK3qh3zbmosISny46V

Score

N/A

Malware Config

Signatures

Files

a6b6af5dadd6842c420fe3499b82d125004958bb9cfb4a8f970487bf8305198e
.exe windows x86

2661209e9ec57bf019a7cd8a985301c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
Sleep
InitializeCriticalSection
DeleteCriticalSection
VirtualFree
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
CreateEventA
CloseHandle
WaitForSingleObject
ResetEvent
SetEvent
InterlockedExchange
CancelIo
GetTickCount
GetLocalTime
ExitThread
CreateThread
FreeLibrary
GetCurrentProcessId
HeapAlloc
GetProcessHeap
MoveFileA
GetLastError
GetFileAttributesA
CreateProcessA
GetStartupInfoA
lstrcatA
GetWindowsDirectoryA
lstrcpyA
TerminateThread
ResumeThread
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
GetSystemTime
DeleteFileA
GetSystemDirectoryA
lstrlenA
WriteFile
SetFilePointer
GetFileSize
CreateFileA
LocalFree
LocalAlloc
ReadFile
HeapFree
GlobalUnlock
OutputDebugStringA
GlobalMemoryStatus
GetSystemInfo
GetVersionExA
InterlockedDecrement
OpenEventA
CreateMutexA
GetCurrentThreadId
CopyFileA
MultiByteToWideChar
WideCharToMultiByte
lstrcpyW
LocalReAlloc
LocalSize
GlobalMemoryStatusEx
WinExec
lstrcmpiA
Process32Next
Process32First
CreateToolhelp32Snapshot
CreateRemoteThread
GetModuleHandleA
OpenProcess
Module32Next
Module32First
GetDiskFreeSpaceExA
GetDriveTypeA
RaiseException

ole32

CoUninitialize
CoCreateInstance
OleRun
CLSIDFromString
CLSIDFromProgID
CoInitialize

oleaut32

VariantClear
SysFreeString
GetErrorInfo
SysAllocString

msvcrt

??0exception@@QAE@ABV0@@Z
_strcmpi
_strrev
_stricmp
_strnicmp
wcslen
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
_controlfp
memset
??2@YAPAXI@Z
??3@YAXPAX@Z
__CxxFrameHandler
_CxxThrowException
memcpy
memmove
ceil
_ftol
strlen
strstr
memcmp
rand
strcpy
sprintf
strncpy
strchr
malloc
strcmp
free
_except_handler3
strrchr
exit
strcat
strncat
realloc
atoi
strncmp
_errno
wcscpy
atol
_mbsstr
_mbscmp
_beginthreadex
_snprintf
calloc
??1type_info@@UAE@XZ
__dllonexit
_onexit
_iob
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type

urlmon

URLDownloadToFileA

msvfw32

ICSeqCompressFrameEnd
ICCompressorFree
ICClose
ICSeqCompressFrame
ICSeqCompressFrameStart
ICSendMessage
ICOpen

netapi32

NetUserAdd
NetLocalGroupAddMembers
NetUserDel
NetApiBufferFree
NetUserEnum
NetUserSetInfo
NetUserGetInfo

Sections

.text
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2661209e9ec57bf019a7cd8a985301c7

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

msvcrt

urlmon

msvfw32

netapi32

Sections

.text Size: 131KB - Virtual size: 131KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 22KB - Virtual size: 34KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 131KB - Virtual size: 131KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 22KB - Virtual size: 34KB

.rsrc
Size: 2KB - Virtual size: 1KB