6fa9f224195fe2761bd48e4d25cd3a05d6a1abfe1763a59f0860e5fb024debfe

Sharing

Copy URL Twitter E-mail

General

Target

6fa9f224195fe2761bd48e4d25cd3a05d6a1abfe1763a59f0860e5fb024debfe
Size

121KB
MD5

11e3061939413a06ad8b02d44b7af229
SHA1

e424e38af05d722b1ee220c33e295f0ff2d7b578
SHA256

6fa9f224195fe2761bd48e4d25cd3a05d6a1abfe1763a59f0860e5fb024debfe
SHA512

48f357104b4970f7c0f2d43dbde6f1873370b95629b3583904fbcd9a0ab23014568f2896e2c40750e50500d487940324e1ae47e83ed5d1f92f98ccfad3837311
SSDEEP

3072:A1oy6rYppYeq/sjiVDWt4dxY9t8WVwccQRaoa:dy6rYzYeq/hgCdO9R

Score

N/A

Malware Config

Signatures

Files

6fa9f224195fe2761bd48e4d25cd3a05d6a1abfe1763a59f0860e5fb024debfe
.exe windows x86

bb8da1093e80a1f5936fc49199e0dfeb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtect
VirtualAlloc
TerminateProcess
GetVersionExW
GetThreadLocale
GetStartupInfoA
GetModuleHandleA
SetLastError
IsBadReadPtr

user32

IsChild
DeleteMenu
CreateWindowExA
LoadCursorA
SetMenu
PeekMessageA
PtInRect

msvcrt

log10
exit
towupper
__setusermatherr
_initterm
_except_handler3
__p__fmode
__p__environ
qsort
_controlfp
strchr
__getmainargs
_isctype
_XcptFilter
atol
__p__commode
_acmdln
__set_app_type
_adjust_fdiv
__dllonexit
wcstoul
time

version

GetFileVersionInfoW
VerInstallFileW
VerInstallFileA
VerFindFileW
GetFileVersionInfoSizeW

shell32

SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
ExtractAssociatedIconW
SHAddToRecentDocs
Shell_NotifyIconA

comctl32

ImageList_SetIconSize
ImageList_GetIcon
ImageList_Add
ImageList_DragEnter
ImageList_EndDrag
ImageList_Draw
ImageList_LoadImageW

advapi32

RegQueryInfoKeyA
RegEnumKeyA
DeleteService
RegDeleteKeyW
LookupPrivilegeValueA
OpenServiceW
CryptCreateHash
IsValidSid
InitializeSecurityDescriptor
OpenServiceA
RegEnumKeyW

oleaut32

SysAllocStringByteLen

ole32

CoFreeUnusedLibraries
ReleaseStgMedium
OleRun
CoRegisterClassObject
IIDFromString
OleGetClipboard
PropVariantClear
CoInitializeEx
OleDraw
RegisterDragDrop

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bb8da1093e80a1f5936fc49199e0dfeb

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

version

shell32

comctl32

advapi32

oleaut32

ole32

Sections

.text Size: 78KB - Virtual size: 78KB

.data Size: 15KB - Virtual size: 15KB

.rsrc Size: 26KB - Virtual size: 104KB

.text
Size: 78KB - Virtual size: 78KB

.data
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 26KB - Virtual size: 104KB