c6de16553e17669f8dfbb0694fd9dbb187880f7c0775ee8c025ad797c54ea8ab

Sharing

Copy URL Twitter E-mail

General

Target

c6de16553e17669f8dfbb0694fd9dbb187880f7c0775ee8c025ad797c54ea8ab
Size

105KB
MD5

49ef88dee13cca1acd8cf30fa10d3c1a
SHA1

f19399ee10a7bbe0303d3e6eb82ee6e1171fff5e
SHA256

c6de16553e17669f8dfbb0694fd9dbb187880f7c0775ee8c025ad797c54ea8ab
SHA512

09f3a773f51e33e708169bffc827ebbdf6ec309a93cb5edf58389a712c271a8aea445bf2b9cc3975a3324e8d4d696639e7b9237bac6bf1f2d6d416758e0587bf
SSDEEP

1536:xPNRAgT1jHXZxGvmpvwmxee8whLNQ9pb6cHVjT3+ZSGh8LhbGQy7Wm:l5TFnGveBgmOYEcQy7Wm

Score

N/A

Malware Config

Signatures

Files

c6de16553e17669f8dfbb0694fd9dbb187880f7c0775ee8c025ad797c54ea8ab
.exe windows x86

602e731613038f9d1be5cd97623a0e29

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
SetLastError
GetProcAddress
LoadLibraryA
OutputDebugStringA
Process32First
OpenProcess
Sleep
CreateSemaphoreA
TerminateProcess
MultiByteToWideChar
lstrcmpiA
CopyFileA
SetFileAttributesA
Process32Next
EnumResourceNamesA
CreateToolhelp32Snapshot
WinExec
DeleteFileA
TerminateThread
CreateThread
WideCharToMultiByte
WaitForSingleObject
GetWindowsDirectoryA
CreateProcessA
SetCurrentDirectoryA
FindFirstFileA
FindClose
FindNextFileA
InitializeCriticalSection
EnterCriticalSection
DeleteCriticalSection
SetEndOfFile
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetFileAttributesA
lstrcpyA
LoadLibraryExA
LockResource
CreateFileA
SizeofResource
LoadResource
FreeLibrary
FindResourceA
ReadFile
WriteFile
SetFilePointer
GetCurrentProcessId
CloseHandle
GetVersionExA
GetCurrentThreadId
GetModuleFileNameA
CreateDirectoryA
RaiseException
GetCurrentProcess
LeaveCriticalSection
RtlUnwind
HeapSize
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
ExitProcess
GetModuleHandleA
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetProcessHeap
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
HeapReAlloc
HeapAlloc
HeapFree

user32

RegisterClassA
LoadCursorA
FindWindowA
UpdateWindow
DispatchMessageA
PostMessageA
DefWindowProcA
CreateWindowExA
TranslateMessage
LoadIconA
EnumChildWindows
CreateDesktopA
CloseDesktop
SetWindowPos
ShowWindow
SetThreadDesktop
DestroyWindow
GetMessageA
GetClassNameA
SetTimer

gdi32

GetStockObject

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteA

ole32

CoInitialize
CoCreateInstance

wininet

InternetCloseHandle
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA
InternetReadFile

ws2_32

connect
inet_ntoa
WSAStartup
inet_addr
send
gethostbyname
closesocket
socket
recv
WSACleanup
htons

Sections

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

602e731613038f9d1be5cd97623a0e29

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

wininet

ws2_32

Sections

.text Size: 73KB - Virtual size: 73KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 13KB - Virtual size: 59KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 73KB - Virtual size: 73KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 13KB - Virtual size: 59KB

.rsrc
Size: 1KB - Virtual size: 1KB