6becc2ebd8d57902588c88a09b13f51824c27581c02e9838092e74d1f2a0967f

Sharing

Copy URL

Twitter E-mail

General

Target

6becc2ebd8d57902588c88a09b13f51824c27581c02e9838092e74d1f2a0967f
Size

131KB
MD5

31b72aa7d9a3ec2f543fc77f8d2719cc
SHA1

0a0792d7e6c66f7185352188bce3c61577c8f3fe
SHA256

6becc2ebd8d57902588c88a09b13f51824c27581c02e9838092e74d1f2a0967f
SHA512

976829395b6ab0881c319c113418b646775113fd06ec413851179f9fd82e721b43a3910d301f1cf80ddca8589e84e8401457837af85ecd1dd61c30338d6901fe
SSDEEP

3072:MIAV69Ncl1c8jgEdRWc+ZFYp3cMGH5N39K2LkwdK:lmjdRHyMU/Lk

Score

N/A

Malware Config

Signatures

Files

6becc2ebd8d57902588c88a09b13f51824c27581c02e9838092e74d1f2a0967f
.exe windows x86

732d2ee0a5546ee8cf5057c8564a5823

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

OutputDebugStringA
IsDebuggerPresent
GetACP
VirtualFree
WaitForSingleObject
GetCurrentProcessId
GetLocaleInfoA
GetModuleHandleA
GetDriveTypeA
GetEnvironmentStrings
GetStringTypeA
GetTimeZoneInformation
GetStartupInfoA
DuplicateHandle
GetLocaleInfoW
VirtualProtect

msvcrt

__set_app_type
__p__commode
_lock
fputs
_initterm
log
_vsnwprintf
_adjust_fdiv
_acmdln
sqrt
_wtol
sscanf
_filelengthi64
__setusermatherr
_except_handler3
exit
__p__fmode
_XcptFilter
__getmainargs
atof

user32

DestroyCursor
FrameRect
ShowOwnedPopups
SetFocus
EnableMenuItem
LoadBitmapA
EnableWindow
InvalidateRect
DispatchMessageA
CheckMenuItem
UpdateWindow
SendDlgItemMessageA
GetMenuItemID

version

VerFindFileW
GetFileVersionInfoSizeW
VerQueryValueA
VerLanguageNameA
VerInstallFileW
GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoA

gdi32

GetBrushOrgEx
EnumFontFamiliesExA
ScaleViewportExtEx
IntersectClipRect
SetWindowExtEx
RectInRegion
CreateRectRgn
CreateICW
SelectClipPath

advapi32

RegDeleteKeyW
GetUserNameA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyA
OpenProcessToken
OpenThreadToken
RegEnumKeyExA
CryptHashData
RevertToSelf
OpenServiceW

shell32

SHCreateDirectoryExA
SHCreateDirectoryExW
SHGetPathFromIDList
SHGetFolderPathW
FindExecutableW
ExtractIconW

oleaut32

SafeArrayPtrOfIndex
VariantCopy
SafeArrayGetUBound
SysAllocStringByteLen
SafeArrayUnaccessData
VariantClear
VariantInit

ole32

GetRunningObjectTable
CoLoadLibrary
CreateILockBytesOnHGlobal
ProgIDFromCLSID
OleInitialize
StgOpenStorage
CoInitializeEx

comctl32

ImageList_Destroy
ImageList_SetDragCursorImage
ImageList_DragEnter
ImageList_Replace
ImageList_Add
ImageList_LoadImageA

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

732d2ee0a5546ee8cf5057c8564a5823

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

version

gdi32

advapi32

shell32

oleaut32

ole32

comctl32

Sections

.text Size: 63KB - Virtual size: 63KB

.data Size: 48KB - Virtual size: 48KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 63KB - Virtual size: 63KB

.data
Size: 48KB - Virtual size: 48KB

.rsrc
Size: 18KB - Virtual size: 18KB