6f0300ecb4302fe35fcba7626d4e8644d4c5e1596892a3b3436ed7cbab03e893

Sharing

Copy URL Twitter E-mail

General

Target

6f0300ecb4302fe35fcba7626d4e8644d4c5e1596892a3b3436ed7cbab03e893
Size

16KB
MD5

02b8bf8b0ab7514c20f079cd8d4a006c
SHA1

e22b01f493818fcaeddd50f68b05c0a2a6c2e259
SHA256

6f0300ecb4302fe35fcba7626d4e8644d4c5e1596892a3b3436ed7cbab03e893
SHA512

b87c376170f0e4256e1ed8486ee0a21820e27576f34cc3529c2e27bbc863265064c76eb73a5833f2514f1e5d80a76171314190745d5ac6c4242a0b2ef2218bcd
SSDEEP

192:KKgCK9pJoQthCJvJkZlEkmgXx2X8Loy9u:WCKTJRthqJ4Ek3Xxw8L79u

Score

N/A

Malware Config

Signatures

Files

6f0300ecb4302fe35fcba7626d4e8644d4c5e1596892a3b3436ed7cbab03e893
.exe windows x86

f9285a440472f41dbecd465f5f7699c4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
CreateThread
CreateToolhelp32Snapshot
ExitProcess
ExitThread
GetCommandLineA
GetCurrentProcessId
GetFileSize
GetModuleFileNameA
GetProcAddress
GetSystemDirectoryA
GetTickCount
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
LoadLibraryA
CreateFileMappingA
OpenProcess
Process32First
Process32Next
ReadFile
ReleaseMutex
SetEndOfFile
SetFileAttributesA
SetFilePointer
Sleep
TerminateProcess
UnmapViewOfFile
WaitForSingleObject
WriteFile
lstrcatA
lstrcmpiA
lstrlenA
CreateFileA
CopyFileA
MapViewOfFile
CloseHandle

user32

GetDesktopWindow
MessageBoxA

wsock32

socket
connect
select
recv
listen
gethostname
gethostbyname
inet_addr
WSAStartup
closesocket
bind
accept

shell32

ShellExecuteA

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyA

shlwapi

StrStrIA

wininet

InternetGetConnectedState

urlmon

URLDownloadToFileA

ole32

CreateStreamOnHGlobal
CoInitialize

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 371B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 386B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9285a440472f41dbecd465f5f7699c4

Headers

File Characteristics

Imports

kernel32

user32

wsock32

shell32

advapi32

shlwapi

wininet

urlmon

ole32

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 512B - Virtual size: 371B

.data Size: 1024B - Virtual size: 3KB

.idata Size: 3KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 386B

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 512B - Virtual size: 371B

.data
Size: 1024B - Virtual size: 3KB

.idata
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 386B