6b18a4f9a54db0b5b618e68595a36737c4836b2eae05c92b8da8ccfac428097c

Sharing

Copy URL Twitter E-mail

General

Target

6b18a4f9a54db0b5b618e68595a36737c4836b2eae05c92b8da8ccfac428097c
Size

256KB
MD5

ac55bba00a5c6ecfa70306d304a03bc0
SHA1

4da0d738d0a4bb3f6481620f4b2518887229e2aa
SHA256

6b18a4f9a54db0b5b618e68595a36737c4836b2eae05c92b8da8ccfac428097c
SHA512

430b77e109b1a20220ed9bdcb11d303463305527b3f3b88cf8b4a75487f2a83c9dd37bf95f0f5412eedbf046116878eaa2613d70cd558093d6a56037ddc18fa4
SSDEEP

6144:2sWcc+R0j+HXOYo0poTDoUgcbspXq0sCmE9mtEy+Smw:nvXOY/oPmcFfSQ+Jw

Score

N/A

Malware Config

Signatures

Files

6b18a4f9a54db0b5b618e68595a36737c4836b2eae05c92b8da8ccfac428097c
.exe windows x86

7d28a6954f540ffb2f6e8d1004d0b9cf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowRgn
GetParent
SetWindowLongA
ShowWindow
SetWindowPos
IsChild
MessageBoxA
GetForegroundWindow
UnregisterClassA
ReleaseDC
GetKeyState
EqualRect
IsWindow
SetFocus
GetWindowLongA
SetCursor
OffsetRect
GetClientRect
IntersectRect
CharNextA
GetFocus
wsprintfA
InvalidateRect
CallWindowProcA
PtInRect
DefWindowProcA
LoadCursorA
UnionRect
DestroyWindow
GetDC

advapi32

RegCloseKey
RegSetValueExA
RegDeleteValueA
RegOpenKeyExW
RegOpenCurrentUser
RegQueryInfoKeyA
RegOpenKeyA
RegDeleteKeyA
RegQueryValueExA
RegQueryValueExW
RegEnumKeyExA
RegOpenKeyExA
RegCreateKeyExA

gdi32

RestoreDC
GetDeviceCaps
SetWindowExtEx
LPtoDP
CreateDCA
DeleteMetaFile
TextOutA
SetMapMode
CreateMetaFileA
CloseMetaFile
CreateRectRgnIndirect
DeleteDC
SetViewportOrgEx
SetTextAlign
SaveDC
SetWindowOrgEx

ole32

OleRegGetUserType
OleRegEnumVerbs
WriteClassStm
CreateDataAdviseHolder
OleRegGetMiscStatus
StringFromGUID2
CoTaskMemFree
OleLoadFromStream
CoCreateInstance
CoTaskMemAlloc
OleSaveToStream
CreateOleAdviseHolder
CoTaskMemRealloc

kernel32

SetHandleCount
VirtualProtect
DeleteFileA
RaiseException
SetLastError
GetCommandLineA
IsDBCSLeadByte
WriteFile
MulDiv
IsProcessorFeaturePresent
WideCharToMultiByte
SetUnhandledExceptionFilter
lstrcmpA
DeleteFileW
GetCurrentThreadId
ReadFile
EnterCriticalSection
GetModuleHandleA
GetConsoleOutputCP
GetACP
GetLocalTime
TlsSetValue
GetTempPathW
lstrcpyA
GetConsoleCP
HeapFree
FreeEnvironmentStringsW
CreateFileA
GlobalLock
TerminateThread
SetFileAttributesA
HeapDestroy
LoadLibraryExA
GetFileType
HeapSize
UnhandledExceptionFilter
RtlUnwind
CloseHandle
GetSystemTimeAsFileTime
lstrcmpiA
CreateMutexA
CreateEventA
WriteConsoleW
CreateThread
FindNextFileA
WaitForSingleObjectEx
SetFilePointer
LoadResource
WritePrivateProfileStringA
HeapReAlloc
FindResourceA
WaitForSingleObject
IsValidCodePage
GetProcessHeap
FindFirstFileA
OutputDebugStringA
WaitForMultipleObjects
lstrlenA
GetSystemInfo
CreateFileW
FreeLibrary
TlsFree
GlobalUnlock
CreateDirectoryW
FlushInstructionCache
HeapAlloc
GetStdHandle
VirtualAlloc
VirtualFree
SizeofResource
TlsAlloc
TlsGetValue
SetStdHandle
FindClose
LeaveCriticalSection
VirtualQuery
lstrlenW
GetTempFileNameW
GetConsoleMode
GetTempPathA
FlushFileBuffers
CreateMutexW
lstrcatA
DeleteCriticalSection
ReleaseMutex
GetOEMCP
LCMapStringA
WriteConsoleA
FreeEnvironmentStringsA
GetThreadLocale
LCMapStringW
IsDebuggerPresent
GlobalAlloc
GetCurrentDirectoryW

oleaut32

VariantClear
SysAllocStringByteLen
LoadRegTypeLi
OleCreatePropertyFrame
VarUI4FromStr
VariantCopy
VariantChangeType
VariantInit
SysStringLen
UnRegisterTypeLi
SysFreeString
LoadTypeLi
SysStringByteLen
SysAllocString
DispCallFunc
RegisterTypeLi

iassvcs

IASUninitialize
IASVariantChangeType
DllCanUnloadNow

oleprn

DllUnregisterServer
DllRegisterServer
DllCanUnloadNow

Sections

.wxuER
Size: 512B - Virtual size: 15KB

IMAGE_SCN_MEM_READ

.sZMvctt
Size: 1KB - Virtual size: 29KB

IMAGE_SCN_MEM_READ

.DdLL
Size: 2KB - Virtual size: 9KB

IMAGE_SCN_MEM_READ

.oAtP
Size: 2KB - Virtual size: 27KB

IMAGE_SCN_MEM_READ

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.hdFecPG
Size: 512B - Virtual size: 334B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.XEYnPz
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CAhEro
Size: 512B - Virtual size: 503B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CIomHV
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 210KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DuReL
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fFSCDOj
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Csjayu
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d28a6954f540ffb2f6e8d1004d0b9cf

Headers

File Characteristics

Imports

user32

advapi32

gdi32

ole32

kernel32

oleaut32

iassvcs

oleprn

Sections

.wxuER Size: 512B - Virtual size: 15KB

.sZMvctt Size: 1KB - Virtual size: 29KB

.DdLL Size: 2KB - Virtual size: 9KB

.oAtP Size: 2KB - Virtual size: 27KB

.text Size: 19KB - Virtual size: 18KB

.hdFecPG Size: 512B - Virtual size: 334B

.XEYnPz Size: 1KB - Virtual size: 1KB

.CAhEro Size: 512B - Virtual size: 503B

.data Size: 8KB - Virtual size: 241KB

.CIomHV Size: 1KB - Virtual size: 1KB

.rdata Size: 210KB - Virtual size: 209KB

.DuReL Size: 1KB - Virtual size: 1KB

.fFSCDOj Size: 2KB - Virtual size: 2KB

.Csjayu Size: 512B - Virtual size: 400B

.rsrc Size: 2KB - Virtual size: 2KB

.wxuER
Size: 512B - Virtual size: 15KB

.sZMvctt
Size: 1KB - Virtual size: 29KB

.DdLL
Size: 2KB - Virtual size: 9KB

.oAtP
Size: 2KB - Virtual size: 27KB

.text
Size: 19KB - Virtual size: 18KB

.hdFecPG
Size: 512B - Virtual size: 334B

.XEYnPz
Size: 1KB - Virtual size: 1KB

.CAhEro
Size: 512B - Virtual size: 503B

.data
Size: 8KB - Virtual size: 241KB

.CIomHV
Size: 1KB - Virtual size: 1KB

.rdata
Size: 210KB - Virtual size: 209KB

.DuReL
Size: 1KB - Virtual size: 1KB

.fFSCDOj
Size: 2KB - Virtual size: 2KB

.Csjayu
Size: 512B - Virtual size: 400B

.rsrc
Size: 2KB - Virtual size: 2KB