b6f3f7d2cd86e0ac9deb40d0f8cf3eb2ab3b43901ceed6511df5dbf3cc7f9489

Sharing

Copy URL

Twitter E-mail

General

Target

b6f3f7d2cd86e0ac9deb40d0f8cf3eb2ab3b43901ceed6511df5dbf3cc7f9489
Size

27KB
MD5

b723b5259c96501fdca373302249f85e
SHA1

b2fd9c6a54c6ec9ecec1c6f595c0da892a95b685
SHA256

b6f3f7d2cd86e0ac9deb40d0f8cf3eb2ab3b43901ceed6511df5dbf3cc7f9489
SHA512

3f47ef28099046b0b32dd03292322af73eeed8cc1fe16c5d9b57750f37087cfd66bd305a8c50ab07052b773fc242a8cd580a9d4cab72e323cd9659aad0106a8e
SSDEEP

384:ndxXu8ki/m0H8ujmJzZSp0/Udt0RnUeLa//f2bg3Gs3Epno94:nTC0H8ujmJNSp0/U3gn1Mfug3mg4

Score

N/A

Malware Config

Signatures

Files

b6f3f7d2cd86e0ac9deb40d0f8cf3eb2ab3b43901ceed6511df5dbf3cc7f9489
.dll windows x86

c5eba3fbc3e4abec5b7cd2e4b3c3d482

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetDeviceGammaRamp
ArcTo
CreateBrushIndirect
Pie
GdiSetLastError
CreatePatternBrush
GetCharacterPlacementA
SetROP2
EndPage
DeleteEnhMetaFile

kernel32

GetProfileSectionW
VirtualAlloc
EscapeCommFunction
EnumDateFormatsA
CreateEventW
HeapValidate
ExitProcess
InterlockedIncrement
GetModuleHandleA
GetCurrentDirectoryA
ClearCommError
HeapAlloc
VirtualFree
GlobalCompact
GetCommandLineA
GetProcessHeap
GetCurrentProcess

advapi32

RegQueryInfoKeyA
GetTrusteeNameA
RegEnumKeyA

ntdll

ZwCreateMutant

comctl32

ImageList_BeginDrag
ImageList_DrawEx

ole32

OleDestroyMenuDescriptor
HBRUSH_UserFree
FreePropVariantArray
CoLockObjectExternal
ReleaseStgMedium
CoDisconnectObject

version

VerLanguageNameW
VerInstallFileW
VerLanguageNameA
GetFileVersionInfoA
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
VerFindFileW
VerInstallFileA
VerQueryValueA

user32

CheckRadioButton
RealChildWindowFromPoint
DdeInitializeA
LoadMenuA
CharToOemBuffW
GetKeyNameTextW
GetDesktopWindow
ExitWindowsEx

msvcrt

__p___winitenv
iscntrl
_dup2
_mbccpy
__doserrno
atol
_ctype
_onexit

Exports

Exports

Fbqbaaseu
BowirocrL

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5eba3fbc3e4abec5b7cd2e4b3c3d482

Headers

File Characteristics

Imports

gdi32

kernel32

advapi32

ntdll

comctl32

ole32

version

user32

msvcrt

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.data Size: 5KB - Virtual size: 22KB

.rdata Size: 10KB - Virtual size: 21KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 5KB - Virtual size: 22KB

.rdata
Size: 10KB - Virtual size: 21KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 1KB