6f11ead4b398985443f2aeb337d48ddf6e7f84c19d3a2ae839b84c1d96626fb3

Sharing

Copy URL Twitter E-mail

General

Target

6f11ead4b398985443f2aeb337d48ddf6e7f84c19d3a2ae839b84c1d96626fb3
Size

308KB
MD5

eebde52dfdb730fbd8aa9696d09e04f7
SHA1

29b81202005915572caaf14858c1e3221f4e0745
SHA256

6f11ead4b398985443f2aeb337d48ddf6e7f84c19d3a2ae839b84c1d96626fb3
SHA512

7b5446d664e101a8bd49d6795de9f4e800bf2a13863d7a33ad4e4ae3733a4c91fc6eba0636be707715bc26204adaa83abce91515efb1b8d730234f7a24fb56d1
SSDEEP

6144:M0JrZkS0GMwsk7t97KFGhabZuhRf42geqBEENKIRw4SrKZK1E:LLkS0GPx7LyGhatOA2gfBcIRwlrCK1E

Score

N/A

Malware Config

Signatures

Files

6f11ead4b398985443f2aeb337d48ddf6e7f84c19d3a2ae839b84c1d96626fb3
.exe windows x86

13bd96305402b0a4daef9156a814373c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetProcessWindowStation
GetDesktopWindow
GetUserObjectInformationW
MessageBoxA

advapi32

ReportEventA
DeregisterEventSource
RegisterEventSourceA

gdi32

DeleteDC
DeleteObject
GetObjectA
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
GetBitmapBits
SelectObject
CreateDCA
GetDeviceCaps

ws2_32

getservbyname
setsockopt
shutdown
ntohl
send
sendto
recvfrom
WSAStartup
connect
htonl
WSACleanup
ioctlsocket
getsockopt
closesocket
WSAGetLastError
ntohs
WSASetLastError
recv
socket
gethostbyname
listen
accept
htons
bind

kernel32

SetUnhandledExceptionFilter
SetLastError
FlushConsoleInputBuffer
GetCurrentThreadId
UnhandledExceptionFilter
CloseHandle
FindNextFileA
FindClose
GetStdHandle
FreeLibrary
IsDebuggerPresent
GetModuleHandleA
GetSystemTimeAsFileTime
FindFirstFileA
GlobalMemoryStatus
GetFileType
VirtualAllocEx
LoadLibraryW
SleepEx
EnumTimeFormatsA
GetVolumeInformationW
OpenWaitableTimerA
SetCurrentDirectoryW
LoadResource
SetCurrentDirectoryA
CreateMutexA
Beep
GetUserDefaultLangID
GetLogicalDrives
IsValidCodePage
lstrcmpA
IsBadCodePtr
EnumCalendarInfoA
FileTimeToDosDateTime
GetShortPathNameW
WaitForMultipleObjects
GetWindowsDirectoryA
lstrcpynA
QueryPerformanceFrequency
BeginUpdateResourceW
GetCalendarInfoA
IsBadStringPtrA
GetLogicalDriveStringsW
GetExpandedNameA
IsValidLocale
RemoveDirectoryW
WaitForSingleObject
GetTempPathA
CreateSemaphoreA
GetHandleInformation
GetACP
OpenFile
CreateSemaphoreW
FindAtomW
OpenSemaphoreW
SearchPathW
GetCalendarInfoW
CreateDirectoryA
FatalAppExitW
GetSystemInfo
CreatePipe
GetOEMCP
CreateMailslotW
GetDateFormatA
GetSystemDirectoryA
GlobalGetAtomNameW
SystemTimeToFileTime
GetFullPathNameA
lstrcpy
CopyFileA
BeginUpdateResourceA
GetLocalTime
DeleteAtom
MoveFileA
MulDiv
CreateMailslotA
GetUserDefaultLCID
WinExec
OpenMutexA
SetErrorMode
GetSystemTime
GetNumberFormatW
GetSystemDirectoryW
FatalAppExitA
ReadDirectoryChangesW
OpenSemaphoreA
CreateNamedPipeA
CreateMutexW
lstrcpyn
CopyFileExW
CompareFileTime
GetDateFormatW
lstrlenA

cscdll

CSCUnpinFileW
CSCSetMaxSpace
CSCEnumForStatsW
CSCQueryFileStatusW
CSCFindFirstFileForSidW
CSCFindFirstFileW
CSCIsCSCEnabled

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 260KB - Virtual size: 12.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13bd96305402b0a4daef9156a814373c

Headers

File Characteristics

Imports

user32

advapi32

gdi32

ws2_32

kernel32

cscdll

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 3KB - Virtual size: 142KB

.data Size: 260KB - Virtual size: 12.7MB

.rsrc Size: 27KB - Virtual size: 27KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 3KB - Virtual size: 142KB

.data
Size: 260KB - Virtual size: 12.7MB

.rsrc
Size: 27KB - Virtual size: 27KB