6d3eeb5dfdd8b5bf4e9d8f2a531ba7f4f0c925f91ecd6b06e4fcce00b54ad212

General

Target

6d3eeb5dfdd8b5bf4e9d8f2a531ba7f4f0c925f91ecd6b06e4fcce00b54ad212
Size

263KB
MD5

27ac9f7cd79a042f3f2859737646f4d3
SHA1

73f1b410f595d69603bba040343af0d068c79bc4
SHA256

6d3eeb5dfdd8b5bf4e9d8f2a531ba7f4f0c925f91ecd6b06e4fcce00b54ad212
SHA512

fa8834f71c3c8c681c554b8405113be0094bb8a108cb517ab884e052a63c077dec543b5dfbfd903e829594c71d2579238e8c13c875123b9706cc571690318c11
SSDEEP

6144:eaC9h1L7S5I8BV5eruUrXzzHRo0YC5Mnlu1w6b5OZUVgP:eLb1imiVA6U7HRvglu1la3

Score

N/A

Malware Config

Signatures

Files

6d3eeb5dfdd8b5bf4e9d8f2a531ba7f4f0c925f91ecd6b06e4fcce00b54ad212
.exe windows x86

e69868d8fb50417e21b9668a553d16ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSQuerySessionInformationW
WTSFreeMemory
WTSUnRegisterSessionNotification
WTSEnumerateSessionsW
WTSRegisterSessionNotification

msimg32

TransparentBlt

kernel32

GetProcessHeap
CreateProcessA
HeapFree
HeapAlloc
TerminateProcess
IsDebuggerPresent
WideCharToMultiByte
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetLocaleInfoA
HeapSize
SystemTimeToFileTime
QueryPerformanceCounter
Sleep
GetSystemTime
lstrlenA
LoadLibraryW
GetStdHandle
HeapFree
GetCurrentProcess
LocalAlloc
GetACP
UnhandledExceptionFilter
WriteFile
GetCurrentThreadId
EnumResourceTypesW
GetEnvironmentVariableA
GetStartupInfoA
HeapReAlloc
InterlockedCompareExchange
LZOpenFileA
GetThreadLocale
RaiseException
HeapDestroy
GetCurrentProcessId
InterlockedExchange
GetModuleHandleA
CreateFileW
GetTickCount
lstrlenW
LoadLibraryExW
MultiByteToWideChar
CloseHandle
lstrcpynW

oleacc

LresultFromObject
AccessibleObjectFromEvent

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 202KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e69868d8fb50417e21b9668a553d16ab

Headers

File Characteristics

Imports

wtsapi32

msimg32

kernel32

oleacc

Sections

.text Size: 57KB - Virtual size: 57KB

.rdata Size: 2KB - Virtual size: 141KB

.data Size: 202KB - Virtual size: 202KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 57KB - Virtual size: 57KB

.rdata
Size: 2KB - Virtual size: 141KB

.data
Size: 202KB - Virtual size: 202KB

.rsrc
Size: 512B - Virtual size: 4KB