b6f372ebc5cb8971e15e84ccfac4fcf02c6a07f52673c8cbb63c143791d42e44

Sharing

Copy URL

Twitter E-mail

General

Target

b6f372ebc5cb8971e15e84ccfac4fcf02c6a07f52673c8cbb63c143791d42e44
Size

1.3MB
MD5

b805b02ee3cac4222ca6a28c0c586ddc
SHA1

b5f2089309f6112d843e28da8864300471369067
SHA256

b6f372ebc5cb8971e15e84ccfac4fcf02c6a07f52673c8cbb63c143791d42e44
SHA512

0cdfde9597c75f857e6d70bbf515aaed20a9507cea7f0eef0aa6111218fd1ff3e478d469eab825a24b489c2e0fd55f6c97a2b8cdb8ccbcb4b0534a96c8a49cc1
SSDEEP

24576:D6PIigJOzBLiOtBwD+uC2XUsM880YSFXDTWMn/ZER45cSZXN9DthYdM2nm:y+O1uOR/o18WVWvSZXjt+dM2nm

Score

N/A

Malware Config

Signatures

Files

b6f372ebc5cb8971e15e84ccfac4fcf02c6a07f52673c8cbb63c143791d42e44
.exe windows x86

46b128d4ef9c9f52ce3d15cb0fda531a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
VirtualAlloc
IsBadWritePtr
IsBadCodePtr
SetStdHandle
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetStringTypeA
GetStringTypeW
GetLocaleInfoW
GetCurrentDirectoryW
DeleteFileA
WaitForSingleObject
SetUnhandledExceptionFilter
GetExitCodeProcess
GetCPInfo
LCMapStringW
LCMapStringA
MultiByteToWideChar
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapFree
HeapSize
HeapAlloc
HeapReAlloc
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetOEMCP
GetTickCount
GetLastError
Sleep
GetCurrentDirectoryA
CloseHandle
SetEndOfFile
SetFilePointer
CompareFileTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
SystemTimeToFileTime
GetLocalTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFileTime
WriteFile
GetACP
ReadFile
GetFileSize
LocalFree
GetFullPathNameW
GetFullPathNameA
GetTempPathW
GetModuleFileNameW
MoveFileW
CopyFileW
DeleteFileW
GetFileAttributesW
CreateDirectoryW
SetCurrentDirectoryW
SetCurrentDirectoryA
SetFileAttributesW
GetFileTime
GetTimeZoneInformation
CreateFileW
MoveFileA
CopyFileA
GetFileAttributesA
FormatMessageA
GetTempPathA
GetModuleFileNameA
CreateDirectoryA
SetFileAttributesA
CreateFileA
IsBadReadPtr
GetVersionExA
GetProcAddress
LoadLibraryA
LocalAlloc
FreeLibrary
WideCharToMultiByte
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentProcess

user32

RegisterClassExW
LoadCursorA
DialogBoxParamW
CreateWindowExW
SetWindowPos
OffsetRect
LoadStringW
GetMessageA
DispatchMessageA
MessageBoxA
GetDlgItem
SendMessageA
TranslateMessage
PostMessageA
SetTimer
GetDlgItemTextA
LoadStringA
DefWindowProcA
DestroyWindow
BeginPaint
EndPaint
GetDlgItemTextW
SetWindowTextW
MoveWindow
SetDlgItemTextW
EnableWindow
SetDlgItemTextA
EndDialog
PostQuitMessage
MessageBoxW
GetDesktopWindow
GetWindowRect
CopyRect

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
SHGetMalloc
ShellExecuteExW

crypt32

CertCloseStore
CryptDecodeObject
CertFreeCertificateContext
CertNameToStrA

ws2_32

WSAGetLastError
socket
inet_addr
htons
gethostbyname
connect
WSAStartup
ioctlsocket
select
bind
closesocket
shutdown
send
recv

wininet

InternetCombineUrlA

advapi32

CryptReleaseContext
CryptGenRandom
RegQueryValueExA
RegCloseKey
CryptAcquireContextA
GetUserNameA
RegOpenKeyExA

oleaut32

SysFreeString
SysAllocString
SysStringLen

Sections

.text
Size: 452KB - Virtual size: 450KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46b128d4ef9c9f52ce3d15cb0fda531a

Headers

File Characteristics

Imports

kernel32

user32

shell32

crypt32

ws2_32

wininet

advapi32

oleaut32

Sections

.text Size: 452KB - Virtual size: 450KB

.rdata Size: 60KB - Virtual size: 58KB

.data Size: 100KB - Virtual size: 115KB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 452KB - Virtual size: 450KB

.rdata
Size: 60KB - Virtual size: 58KB

.data
Size: 100KB - Virtual size: 115KB

.rsrc
Size: 8KB - Virtual size: 6KB