b6774839da82e3774ff01fecfec8fbd9394d1838f20289fc671917ac1466557d

Sharing

Copy URL Twitter E-mail

General

Target

b6774839da82e3774ff01fecfec8fbd9394d1838f20289fc671917ac1466557d
Size

261KB
MD5

4bafa135003d6843ba3b87c1dbdc8901
SHA1

3e1d835e52133df3ddcf845e654a304859046fca
SHA256

b6774839da82e3774ff01fecfec8fbd9394d1838f20289fc671917ac1466557d
SHA512

893e14aceddbcbd2cdac548b3a3499d55a408c56cb37ad0645d26d80352c37855db65c20c716dd3d20661b27654376a091c6b4ebdcddbb73fa68ffb62f5baf6e
SSDEEP

6144:u3Owugz6Ev0ocbKAy7Jmv3VdQsa6vPfO:u3OCD+KAylm/jQ8G

Score

N/A

Malware Config

Signatures

Files

b6774839da82e3774ff01fecfec8fbd9394d1838f20289fc671917ac1466557d
.exe windows x86

0a55814f352e4f151c44d95841e113c4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

AddFontResourceA
ExtTextOutW
SetPixel
GetStockObject

kernel32

TlsFree
FileTimeToLocalFileTime
GlobalFree
GetVersion
GetThreadPriority
GetCurrentThreadId
GetCommandLineW
GetCurrentThreadId
CompareFileTime
GlobalAlloc
SetThreadPriority
HeapSize
SuspendThread
CreateThread
HeapCreate
CloseHandle
WriteFileEx
HeapDestroy
GetEnvironmentStringsW
TlsAlloc
GetSystemDirectoryA
CreateFileA
OpenThread
ResumeThread

user32

GetWindowTextA
SetClassLongA
ReleaseCapture
DefFrameProcW
CreatePopupMenu
LoadMenuA
SetScrollInfo
OffsetRect
WaitMessage
ShowCaret
GetMessageA
GetNextDlgTabItem
WindowFromPoint
GetClassInfoW
AppendMenuW
MapWindowPoints
LoadCursorA
CallNextHookEx
SetActiveWindow
GetClientRect
IntersectRect
CheckMenuItem
GetSystemMetrics
IsDialogMessageA
MessageBoxA
GetCursorPos

ntdll

ZwQuerySystemInformation
ZwReadFile
NtCreateSection
RtlGetLastWin32Error
ZwQueryKey
NtMapViewOfSection

colositf

FixstrConstruct
PrintObj
Log
CyStr
R8Err
SetTime
Udt
GetSecondOfMinute
FV
Tan
GetMem8
FpCSngR4
Like
Bool
SetSystemError
R4ForNextCheck
Lbound
PMT
DateStr
rtR4FromErr
R8IntI2
PutMem1
IID_IVbaHost
Set
GosubReturn
LateIdCall
FileSeek
CyErr
InputBox
InputCount
DDB
BstrFromByte
LateIdNamedCallSt
RaiseEvent
TypeName
GetObject
MidStmt
Get3
New
LateMemCall
Fix
BstrFromError
GetDayOfMonth
Command
I4Str
LateIdNamedCall
GetMemStr
LateMemNamedCall
MidStmtB
GetTimer
StrReverse
FpCDblR4
Rgb
TextLike
CurrentDirBstr
QueryInterface
StrDate
rtBstrFromErr
GetErl
LateMemNamedCallLd
CyI2
StrTextCmp
RsetFixstrFree
R8Sgn
DerefAry1
StrAryToUnicode
gUnk
R8
BstrFromFormat
Abs
VerifyObj
MidStmtBstr
CurrentDir
Atn
RecUniToAnsi
SetUnkAddref
CySgn
GetDayOfWeek
ImmediateIf
Array
Int
SetFileAttr
FailedFriend

Sections

.text
Size: 207KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0a55814f352e4f151c44d95841e113c4

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

user32

ntdll

colositf

Sections

.text Size: 207KB - Virtual size: 207KB

.data Size: 21KB - Virtual size: 20KB

.rsrc Size: 32KB - Virtual size: 36KB

.text
Size: 207KB - Virtual size: 207KB

.data
Size: 21KB - Virtual size: 20KB

.rsrc
Size: 32KB - Virtual size: 36KB