6da3b0bee1a6c9b85efded8a42cc98f2988efffbf5c493a0259b715edcff801c

Sharing

Copy URL Twitter E-mail

General

Target

6da3b0bee1a6c9b85efded8a42cc98f2988efffbf5c493a0259b715edcff801c
Size

475KB
MD5

4d5e84c0043bcabe80a8109b39dcc400
SHA1

e59ca7199bd8c92a32745da7de7e38a1c5dbc6e4
SHA256

6da3b0bee1a6c9b85efded8a42cc98f2988efffbf5c493a0259b715edcff801c
SHA512

9c81001755115a4a338762dba3c838a2d87dd1375008356abcf5dc243f48da5b0176edc5eeae751f79baed9cf44867472ee3b7ea23187e6298bb38ff1b6983b6
SSDEEP

12288:Hj5ffbKfEZHkElw1+NeRggdQwtQOIClxbFwWJM2Eb/ZqVo4o:FfbKfN1+Neyy9PJM/oVro

Score

N/A

Malware Config

Signatures

Files

6da3b0bee1a6c9b85efded8a42cc98f2988efffbf5c493a0259b715edcff801c
.exe windows x86

41542fb7b7c9c9343a1c3fafd6b7d198

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharNextW
IsDlgButtonChecked
ShowCursor
EnableMenuItem
DeleteMenu
RealGetWindowClassW
SetCapture
OpenClipboard
DdeNameService
DispatchMessageW
DefFrameProcW

shell32

FindExecutableA
ShellExecuteExW
ExtractIconExA
ExtractAssociatedIconA
ShellAboutA
DoEnvironmentSubstW
ShellExecuteExA
DuplicateIcon

gdi32

CopyEnhMetaFileA
CloseEnhMetaFile
AngleArc
CreateCompatibleDC
CreateDCW
AddFontResourceExW

mpr

WNetCancelConnection2A
WNetGetUniversalNameA
WNetAddConnectionA
WNetAddConnection3W
WNetConnectionDialog

kernel32

HeapAlloc
LoadLibraryW
HeapFree
IsValidCodePage
HeapReAlloc
GetACP
GetCPInfo
RtlUnwind
SetFilePointer
MultiByteToWideChar
WriteConsoleW
Sleep
CreateFileW
CloseHandle
GetStringTypeW
LCMapStringW
HeapSize
GetOEMCP
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
EscapeCommFunction
DisconnectNamedPipe
GetNamedPipeHandleStateA
VerSetConditionMask
VirtualAllocEx
SearchPathA
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
GetCurrentProcess
GetCommandLineA
HeapSetInformation
GetStartupInfoW
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
GetFileType
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetProcAddress
ExitProcess
SetHandleCount
GetStdHandle
DeleteCriticalSection
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 437KB - Virtual size: 436KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41542fb7b7c9c9343a1c3fafd6b7d198

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

gdi32

mpr

kernel32

Sections

.text Size: 21KB - Virtual size: 21KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 3KB - Virtual size: 16KB

.rsrc Size: 437KB - Virtual size: 436KB

.text
Size: 21KB - Virtual size: 21KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 3KB - Virtual size: 16KB

.rsrc
Size: 437KB - Virtual size: 436KB