6697101d6e0e9e563eda679a2ae80ed0d2a2ae78037a91535c8df9a549d8b024

Sharing

Copy URL

Twitter E-mail

General

Target

6697101d6e0e9e563eda679a2ae80ed0d2a2ae78037a91535c8df9a549d8b024
Size

1.2MB
MD5

1de5b190d887aa00214bda2c5b38274a
SHA1

7a34ea64ffd2e6e297d624b8764bc873105a89f7
SHA256

6697101d6e0e9e563eda679a2ae80ed0d2a2ae78037a91535c8df9a549d8b024
SHA512

108945f5b0c20e540cc0237ba41fe596e8d328ac9f3602df5dc324303be08231b56131b4d1768c0512266640c90bd229e144e96c80557d646cb45ff2f89e78dd
SSDEEP

12288:5RPYn8aA1Jx1KL2YYlDQyON9fYhFKRNXNyfWNL21bW8/AhEcqNT5n9Vyecfw4wVv:HbY2YYQeeeHWicqNT5eetN82

Score

N/A

Malware Config

Signatures

Files

6697101d6e0e9e563eda679a2ae80ed0d2a2ae78037a91535c8df9a549d8b024
.exe windows x86

13e4a4ba732d82b241a5e40a518bda52

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileW
FindFirstFileW
MoveFileW
DeleteFileW
TlsAlloc
GetFileAttributesExW
GetModuleFileNameW
GetFileAttributesW
GetCommandLineW
VerSetConditionMask
VerifyVersionInfoW
GetStdHandle
GetFileType
SetLastError
GetConsoleOutputCP
GetModuleHandleA
Sleep
QueryPerformanceCounter
ReleaseSemaphore
ResetEvent
LoadLibraryW
GetModuleFileNameA
MultiByteToWideChar
lstrlenW
DisableThreadLibraryCalls
GetVersionExW
CreateEventW
CloseHandle
SetEvent
WaitForSingleObject
GetProcessHeap
TlsFree
InterlockedIncrement
GetModuleHandleW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcmpW
GetProcAddress
SetThreadPriority
IsProcessorFeaturePresent
DebugBreak
QueryPerformanceFrequency
MulDiv
HeapAlloc
InterlockedCompareExchange
LoadLibraryA
CreateEventA
WideCharToMultiByte
OutputDebugStringA
RtlUnwind
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetVersion
LocalAlloc
GetEnvironmentStrings
GetEnvironmentStringsW
GetDiskFreeSpaceA
SystemTimeToFileTime
GlobalMemoryStatus
GetConsoleAliasExesLengthW
AddConsoleAliasW
GetLocalTime
CreateFileW
SetFilePointerEx
TlsSetValue
FreeLibrary
OutputDebugStringW
GetStartupInfoA
CreateFileA
ExitProcess
CreateDirectoryExW
HeapFree
ExitThread
GetConsoleAliasesW

user32

EnumDisplayMonitors
FillRect
GetDC
GetDesktopWindow
EnumDisplaySettingsW
InvalidateRect
EnumDisplayDevicesW
IsIconic
MapWindowPoints
MonitorFromWindow
DefWindowProcW
SetForegroundWindow
SetWindowLongW
MonitorFromRect
GetForegroundWindow
GetWindowRect
RegisterClassW
CreateWindowExW
IsWindow
CharNextA
LoadStringW
IntersectRect

advapi32

IsTextUnicode
RegCloseKey
RegCreateKeyW
RegSetValueW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExW
RegQueryValueExW

ole32

CoTaskMemAlloc
CoTaskMemFree
PropVariantCopy
CoCreateInstance
CoUninitialize
StringFromGUID2
CoFreeUnusedLibraries

msvcrt

malloc
free

winmm

timeBeginPeriod
timeEndPeriod

Sections

.text
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13e4a4ba732d82b241a5e40a518bda52

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

winmm

Sections

.text Size: 120KB - Virtual size: 118KB

.idata Size: 8KB - Virtual size: 4KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 108KB - Virtual size: 2.7MB

.rsrc Size: 32KB - Virtual size: 28KB

.text
Size: 120KB - Virtual size: 118KB

.idata
Size: 8KB - Virtual size: 4KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 108KB - Virtual size: 2.7MB

.rsrc
Size: 32KB - Virtual size: 28KB