6ce420374b4966e3a486b5c7a447b8cfc80e67d5540d3290629299cb787127df

Sharing

Copy URL

Twitter E-mail

General

Target

6ce420374b4966e3a486b5c7a447b8cfc80e67d5540d3290629299cb787127df
Size

132KB
MD5

d20e9f56ec21712e2c7b98faa7bf37de
SHA1

241070e9a5514ad9fed0b1aa66a2606e6303e702
SHA256

6ce420374b4966e3a486b5c7a447b8cfc80e67d5540d3290629299cb787127df
SHA512

f37c47461f0726500bdf82219b5d8e26140ef1282f24376eefcf1e9cebe006d0238218810a3f2f75723d6dfafcd5895b397f544e45ee9cc3a9c83f059792fe27
SSDEEP

1536:zxdQRah5TVwVeJMRLBsUNic+TLjisWWQD7POVjpHI/dQdCWBtk+fTYEXE8UsBeTx:NBAeqdH3hNajpHI/dQoqk+tU8UF0wY

Score

N/A

Malware Config

Signatures

Files

6ce420374b4966e3a486b5c7a447b8cfc80e67d5540d3290629299cb787127df
.dll windows x86

b9c084534cc4b6916eb5327f5b9adafb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegFlushKey
AllocateAndInitializeSid
RegSetValueExW
RegQueryInfoKeyW
RegDeleteKeyA
RegDeleteKeyW
RegQueryValueW
RegCreateKeyW
RegOpenKeyExA
FreeSid
RegOpenKeyW
RegOpenKeyExW

version

GetFileVersionInfoW
GetFileVersionInfoA
VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW

kernel32

RtlUnwind
MultiByteToWideChar
SetFilePointer
ReadFile
FlushFileBuffers
GetOEMCP
IsValidLocale
LoadLibraryA
GetProcAddress
GetModuleHandleA
GetHandleInformation
VirtualAlloc
SetErrorMode
SetStdHandle
SetThreadPriority
QueryPerformanceCounter
CompareStringA
GetStringTypeW
FindResourceExW
InterlockedCompareExchange
IsValidCodePage
GetSystemTimeAsFileTime
GetModuleFileNameW
LockResource
lstrcmpA
LoadResource
lstrcpyA
HeapFree
InterlockedExchange
InterlockedIncrement
HeapReAlloc
CreateFileMappingA
GetCPInfo
FindResourceA
SetCurrentDirectoryA
LoadLibraryExW
CopyFileA
SetHandleCount
LocalAlloc
GetShortPathNameA
lstrlenA
GlobalLock
GlobalFree
GetModuleFileNameA
GlobalReAlloc
CloseHandle
GetCurrentProcessId
CreateMutexW
GetShortPathNameW
CreateFileMappingW
GetFileSize
LeaveCriticalSection
ResetEvent
GetStartupInfoA
HeapCreate
SearchPathW
MapViewOfFile
CreateEventW
GetVersionExW
EnumSystemLocalesA
FindResourceW
GetConsoleCP
SetEndOfFile
UnmapViewOfFile
VirtualFree
LoadLibraryW
CreateFileA
lstrlenW
LCMapStringA
CreateProcessW
CreateProcessA
WriteConsoleA
FileTimeToLocalFileTime
LocalFree
GlobalHandle
SetPriorityClass
GetTempPathW
IsBadWritePtr
GetFileTime
RaiseException
GetFileType
IsBadStringPtrW
LCMapStringW
GetSystemTime
SetCurrentDirectoryW
GlobalAlloc
GetConsoleMode
lstrcmpiW
GetCurrentDirectoryW
GetStringTypeA
GetProcessHeap
ExpandEnvironmentStringsA
SearchPathA
SystemTimeToFileTime
WriteFile
GetLocalTime
ExitProcess
HeapAlloc
GetCommandLineA
GetVersion
HeapDestroy
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
FatalAppExitA
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
GetStdHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
UnhandledExceptionFilter
GetACP

Exports

Exports

Bpqbiyvcndg

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9c084534cc4b6916eb5327f5b9adafb

Headers

File Characteristics

Imports

advapi32

version

kernel32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 52KB - Virtual size: 55KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 52KB - Virtual size: 55KB

.reloc
Size: 8KB - Virtual size: 7KB