b6ac5b82790e1cba7549a592313e6ef702a71bae044ad6cc08a8b5220856c2d2

Sharing

Copy URL

Twitter E-mail

General

Target

b6ac5b82790e1cba7549a592313e6ef702a71bae044ad6cc08a8b5220856c2d2
Size

345KB
MD5

c3cf3916615f0f6f22cd095ce558273e
SHA1

2afd688e781777cf9c325ed3dd04e68b71d747e3
SHA256

b6ac5b82790e1cba7549a592313e6ef702a71bae044ad6cc08a8b5220856c2d2
SHA512

160235f957692e1a64c2fe59ec15867e0d107022cc84eb8a745c805a56e8fecd85a773a5640f9d43e51a50e3fa80a3be4ce9073671b2a13e4561c0d31acef3dc
SSDEEP

6144:W7EQVsbfb37iC2epe1diNXB4gy3P5E8urgyYqlHzlqkf/:aEQiN2y1B4bP5/4gbaTlqk

Score

N/A

Malware Config

Signatures

Files

b6ac5b82790e1cba7549a592313e6ef702a71bae044ad6cc08a8b5220856c2d2
.exe windows x86

46a5fca38c5c5ffcfbaa4eea1381a8c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CloseClipboard
EnableWindow
ReleaseCapture
RegisterClipboardFormatW
TrackPopupMenu
SendMessageW
ReleaseDC
IsWindowEnabled
DialogBoxParamA
GetSystemMetrics

kernel32

ReadFile
GetFileType
GetACP
GetLocaleInfoA
GetStartupInfoA
GetLastError
VirtualFree
GetCurrentProcessId
GetStringTypeA
LoadResource
TlsSetValue
LoadLibraryExW
GetVersion
SetConsoleCP
GetModuleFileNameW
ExpandEnvironmentStringsW
RtlUnwind
VirtualProtect
InterlockedExchange
ExitProcess
GetProcessHeap
GetLocalTime
VirtualAlloc
GetModuleHandleA
GetOEMCP
TlsGetValue
GetCurrentThreadId
SetStdHandle
GetStringTypeW
IsDebuggerPresent
GetFileSize
CloseHandle
GetTempPathW
HeapAlloc
GetCurrentProcess
GetTickCount
CreateFileA
EnterCriticalSection
DuplicateHandle
GetSystemTimeAsFileTime
SizeofResource
SetEvent
FindFirstFileW

msvcrt

_CxxThrowException
_amsg_exit
atoi
_fileno
?what@exception@@UBEPBDXZ

lz32

LZClose
LZCopy
LZRead

gdi32

RealizePalette
SetMapMode
CreateFontIndirectA
CreateCompatibleBitmap

ole32

GetClassFile
StringFromCLSID

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyW
GetLengthSid

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 212KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 158B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.trdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

46a5fca38c5c5ffcfbaa4eea1381a8c8

Headers

File Characteristics

Imports

user32

kernel32

msvcrt

lz32

gdi32

ole32

advapi32

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 212KB - Virtual size: 216KB

.data Size: 512B - Virtual size: 48KB

.reloc Size: 512B - Virtual size: 158B

.trdata Size: 68KB - Virtual size: 68KB

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 212KB - Virtual size: 216KB

.data
Size: 512B - Virtual size: 48KB

.reloc
Size: 512B - Virtual size: 158B

.trdata
Size: 68KB - Virtual size: 68KB