6b9f09e4eef15c922edb22e7a92dea56779648b7240aeff1cee9a0ef7e81b24d

Sharing

Copy URL Twitter E-mail

General

Target

6b9f09e4eef15c922edb22e7a92dea56779648b7240aeff1cee9a0ef7e81b24d
Size

227KB
MD5

8f8f79be1c188f980c2f403e7df48a4b
SHA1

1bad635f1cf8347530a9924d3ead4a4f1544daab
SHA256

6b9f09e4eef15c922edb22e7a92dea56779648b7240aeff1cee9a0ef7e81b24d
SHA512

2cdffb89c583ec1b3a4ca533e09c9d26d8e5a0f185c1385e84d1571dbad7b7778cc48e2189331030942aa997f63d8133e1656fc5dceb396b8d5b1639b3ddd4ea
SSDEEP

6144:tlPAFTDbH9coVfSRaxGuxo8q7ZIdzJZzVTIMt0:fAFTXfSRaY18AwJjt0

Score

N/A

Malware Config

Signatures

Files

6b9f09e4eef15c922edb22e7a92dea56779648b7240aeff1cee9a0ef7e81b24d
.exe windows x86

ba150ae69b2c42b48474bbb366f993ee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msdart

??0CReaderWriterLock@@QAE@XZ
?IsReadLocked@CLKRLinearHashTable@@QBE_NXZ
?SetDefaultSpinAdjustmentFactor@CReaderWriterLock3@@SGXN@Z
?IsWriteLocked@CLKRLinearHashTable@@QBE_NXZ
?SetSpinCount@CFakeLock@@QAE_NG@Z
?Clear@CLKRLinearHashTable@@QAEXXZ
?ConvertExclusiveToShared@CLKRHashTable@@QBEXXZ
?RemoveHead@CLockedDoubleList@@QAEQAVCListEntry@@XZ
?TryReadLock@CReaderWriterLock2@@QAE_NXZ
?_CurrentThreadId@CSpinLock@@CGJXZ
?_LockSpin@CReaderWriterLock2@@AAEX_N@Z
?ReadLock@CCritSec@@QAEXXZ
?WriteLock@CReaderWriterLock@@QAEXXZ
?ConvertExclusiveToShared@CReaderWriterLock3@@QAEXXZ
?IsReadLocked@CSmallSpinLock@@QBE_NXZ
?IsWriteLocked@CSmallSpinLock@@QBE_NXZ
?GetDefaultSpinAdjustmentFactor@CReaderWriterLock3@@SGNXZ
?_WriteLockSpin@CReaderWriterLock3@@AAEXXZ
?BucketSize@CLKRHashTableStats@@SGJJ@Z
?IsWinNT4@CMdVersionInfo@@SAHXZ
??1CSpinLock@@QAE@XZ

winmm

waveOutMessage
midiOutReset
mciSendStringW
mciDriverNotify
mmioSetInfo
mixerGetLineControlsA
mmioAdvance
mmioInstallIOProcW
auxGetNumDevs
mciGetDeviceIDFromElementIDW
waveOutSetPlaybackRate
midiInClose
NotifyCallbackData
mciDriverYield
midiOutMessage

kernel32

lstrcpyn
ResetEvent
SetLocalTime
LoadLibraryW
PeekConsoleInputW
FreeUserPhysicalPages
GetLocaleInfoW
RegisterWowExec
GetEnvironmentStringsA
SetLastError
TransmitCommChar
GetMailslotInfo

user32

GetUpdateRgn
GetThreadDesktop
GetRawInputData
RegisterDeviceNotificationA
ChangeMenuA
GetWindowTextLengthW
BroadcastSystemMessageA
DefMDIChildProcW
ChildWindowFromPointEx
CreateDialogIndirectParamA
UnhookWindowsHookEx
SetRectEmpty
LoadMenuIndirectA
AdjustWindowRectEx
MessageBoxIndirectA

wininet

InternetAutodialHangup
SetUrlCacheEntryInfoA
InternetTimeFromSystemTime
InternetUnlockRequestFile
InternetWriteFileExA
InternetCrackUrlW
UnlockUrlCacheEntryFile
DeleteUrlCacheEntryA
FtpPutFileW
FtpCommandA
InternetQueryOptionA
FtpRenameFileA
HttpQueryInfoW
InternetReadFileExA
HttpEndRequestA

icmp

IcmpSendEcho
IcmpCloseHandle
register_icmp
do_echo_req
IcmpSendEcho2
IcmpParseReplies
IcmpCreateFile
do_echo_rep

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba150ae69b2c42b48474bbb366f993ee

Headers

File Characteristics

Imports

msdart

winmm

kernel32

user32

wininet

icmp

Sections

.text Size: 38KB - Virtual size: 38KB

.rdata Size: 124KB - Virtual size: 123KB

.data Size: 61KB - Virtual size: 60KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 38KB - Virtual size: 38KB

.rdata
Size: 124KB - Virtual size: 123KB

.data
Size: 61KB - Virtual size: 60KB

.rsrc
Size: 1KB - Virtual size: 1KB