c6aab3e4f44deaf8be9497550c03d53f7a4aae99623df8ccdc02eded04854ee1

Sharing

Copy URL Twitter E-mail

General

Target

c6aab3e4f44deaf8be9497550c03d53f7a4aae99623df8ccdc02eded04854ee1
Size

852KB
MD5

d229a332ea87ce334eaa7b67f8ae88dd
SHA1

5190ab015ede11c7608d0af942243596081f12e5
SHA256

c6aab3e4f44deaf8be9497550c03d53f7a4aae99623df8ccdc02eded04854ee1
SHA512

5625104dbb04070e42efef98d4fa1709fab4120a9745db64d8e76a63ea4fafd4af08ee3f14b9f151a7522fad4e6d1d3c462230ee787c6a65b2f84e6da1e6d1e5
SSDEEP

12288:CvX4NYowJJKrngPsvOFFu9YTejpwq+cd9sF8NVcVviO5uJh98Q5riPL1Hb64bBzR:CP4N8JjAO7KjpwEA8NyG6llNN

Score

N/A

Malware Config

Signatures

Files

c6aab3e4f44deaf8be9497550c03d53f7a4aae99623df8ccdc02eded04854ee1
.exe windows x86

503e0f4e1e48f26dbe020e92e51cd34e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AllocateUserPhysicalPages
WriteProfileSectionA
GetVolumePathNameA
TlsSetValue
FindNextVolumeMountPointW
ConvertFiberToThread
IsSystemResumeAutomatic
FindActCtxSectionGuid
VirtualAlloc
UnmapViewOfFile
_lclose
SetConsoleCursorMode
BeginUpdateResourceA
GetDevicePowerState
GetStringTypeW
QueryDosDeviceA
LoadLibraryA
FindFirstVolumeMountPointA
GetDriveTypeW
GetSystemTimeAsFileTime
MoveFileWithProgressW
IsBadStringPtrA
OpenFileMappingW
GetACP
GlobalAddAtomA
RegisterConsoleVDM
GetComputerNameExW
CreateNamedPipeW
OpenConsoleW
InitializeCriticalSection
GetModuleHandleW
DisconnectNamedPipe
ReadConsoleInputA
FreeConsole
SetCriticalSectionSpinCount
CreateWaitableTimerW
GlobalReAlloc
WriteConsoleInputA
GlobalUnlock
GetModuleFileNameA
QueryPerformanceFrequency
DebugSetProcessKillOnExit

msvcrt

_wexecvpe
_wpopen
isleadbyte
_ismbckata
??_7bad_typeid@@6B@
strtod
??_7exception@@6B@
_wfdopen
tan
__p__acmdln
??0__non_rtti_object@@QAE@PBD@Z
_CIatan2
__CxxUnregisterExceptionObject
$I10_OUTPUT
ispunct
_wexeclpe
_CIsin
qsort
strrchr
_wfullpath
_read
strcpy
strncat

gdi32

EngCreatePalette
GdiAddGlsRecord
EngCheckAbort
BRUSHOBJ_ulGetBrushColor
GdiGetLocalDC
GdiEntry10
DeleteColorSpace
GdiEndDocEMF
DdEntry46
GetDIBColorTable
DdEntry1
GdiConvertRegion
CreateFontIndirectExW
GdiReleaseLocalDC
DdEntry52
XFORMOBJ_bApplyXform
GetRelAbs

shell32

SHGetMalloc

user32

MessageBoxW
EndDialog

Sections

.text
Size: 762KB - Virtual size: 761KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

503e0f4e1e48f26dbe020e92e51cd34e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

gdi32

shell32

user32

Sections

.text Size: 762KB - Virtual size: 761KB

.rdata Size: 83KB - Virtual size: 82KB

.data Size: 3KB - Virtual size: 1.5MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 762KB - Virtual size: 761KB

.rdata
Size: 83KB - Virtual size: 82KB

.data
Size: 3KB - Virtual size: 1.5MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB