b6160659ca2899cf5eadc0e474d95afbf6b10ad7fc64539ff3f9c9489d8a819f

Sharing

Copy URL Twitter E-mail

General

Target

b6160659ca2899cf5eadc0e474d95afbf6b10ad7fc64539ff3f9c9489d8a819f
Size

587KB
MD5

5c69e40024cd0f01192d30c4482ef1ff
SHA1

905e99d1f19d422411bd8a665d2570d547625060
SHA256

b6160659ca2899cf5eadc0e474d95afbf6b10ad7fc64539ff3f9c9489d8a819f
SHA512

3bfbaeb0d148aa49f2aad981c9c6b284780d22de046f7db3670f16541aa05b8f2d241ae264aa7356b717356385663f007c7a2f0216b56c07e627d9e11eac90bc
SSDEEP

12288:hITMhs6G6o6LeyLevijt4riRNHv9vWxInNPsPiqUFad:ths69o6eAeJg9exO0PiqU

Score

N/A

Malware Config

Signatures

Files

b6160659ca2899cf5eadc0e474d95afbf6b10ad7fc64539ff3f9c9489d8a819f
.exe windows x86

ed482adf069e76408329ccc798de0d56

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegSetValueExW
RegQueryValueExW
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

gdi32

SelectObject
GetStockObject
DeleteDC
GetDeviceCaps
DeleteObject
CreateFontIndirectA
SetBkColor
BitBlt

user32

SetForegroundWindow
DispatchMessageA
IsIconic
GetWindowLongA
CreateWindowExA
FillRect
EndPaint
SetFocus
BeginPaint
KillTimer
GetSystemMetrics
GetWindowRect
PostMessageA
SetWindowLongA
EndDialog
SetWindowTextA
PeekMessageA
GetSubMenu
LoadStringA
ScreenToClient
DefWindowProcA
LoadCursorA
TrackPopupMenu
GetDesktopWindow
GetFocus
MessageBoxA
GetSysColor
SystemParametersInfoA
EnableMenuItem
InvalidateRect
SendMessageA
GetClientRect
CallWindowProcA
SetCursor
EnableWindow
SetCapture
ShowWindow
GetWindow
IsWindowEnabled
GetDlgItem
TranslateMessage
UpdateWindow
GetParent
GetMessageA
DestroyWindow
ClientToScreen
ReleaseDC
GetCursorPos
GetDC
IsWindow
SetWindowPos
PostQuitMessage
DestroyMenu
MoveWindow
MapWindowPoints
CheckMenuItem

kernel32

GetStdHandle
GetConsoleOutputCP
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
FindFirstFileW
HeapDestroy
GetFileAttributesW
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
LoadLibraryExW
FreeEnvironmentStringsW
GetTempPathA
WideCharToMultiByte
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
GetExitCodeProcess
HeapReAlloc
GetStringTypeW
SetFileAttributesA
FreeLibrary
LocalFree
InitializeCriticalSection
LoadResource
FindClose
TlsGetValue
FormatMessageA
SetLastError
InterlockedDecrement
GetModuleFileNameW
IsDebuggerPresent
HeapAlloc
FlushFileBuffers
GetModuleFileNameA
LoadLibraryExA
UnhandledExceptionFilter
MultiByteToWideChar
GetLocalTime
CreateMutexA
SetFilePointer
CreateThread
MulDiv
SetEnvironmentVariableA
TerminateProcess
WriteConsoleA
VirtualQuery
CreateEventW
SetEndOfFile
GetVersion
GetFullPathNameA
VirtualAlloc
FindResourceA
Sleep
VirtualFree
HeapCreate
IsValidCodePage
lstrcmpiW
LoadLibraryW
SizeofResource
GetCurrentThreadId
GetModuleHandleW
GetACP
CloseHandle
FindFirstFileA
SetUnhandledExceptionFilter
ReadFile
GetModuleHandleA
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCurrentDirectoryA
GetCommandLineW
SetFileTime
LockResource
GetCurrentProcessId
GetEnvironmentStrings
lstrlenW
GlobalUnlock
GetEnvironmentStringsW
LCMapStringA
FindResourceW
GetConsoleCP
lstrlenA
GetSystemInfo
UnmapViewOfFile
SetStdHandle
GetLastError
LeaveCriticalSection
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
CreateProcessA
SetEvent
GlobalLock
WaitForMultipleObjects
DuplicateHandle
FindNextFileA
CreateFileMappingA
ResetEvent
lstrcpyA
GlobalFree
FindNextFileW
lstrcmpA
CompareStringW
GetProcessHeap
GetProcAddress
DeleteFileW
GetCPInfo
GetEnvironmentVariableA
GetWindowsDirectoryA
DeleteFileA
CreateDirectoryA
LCMapStringW
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
VirtualProtect
TlsAlloc
GetTickCount
QueryPerformanceCounter
GetOEMCP
lstrcmpiA
CompareStringA
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
InterlockedIncrement

ole32

CoTaskMemAlloc
CoCreateInstance

oleaut32

SysAllocString
VariantClear
SysFreeString

msvcrt

_strcmpi
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
exit
_exit
_cexit
free
_controlfp
_except_handler3

Sections

.text
Size: 335KB - Virtual size: 335KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed482adf069e76408329ccc798de0d56

Headers

File Characteristics

Imports

advapi32

gdi32

user32

kernel32

ole32

oleaut32

msvcrt

Sections

.text Size: 335KB - Virtual size: 335KB

.rdata Size: 127KB - Virtual size: 127KB

.data Size: 122KB - Virtual size: 121KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 335KB - Virtual size: 335KB

.rdata
Size: 127KB - Virtual size: 127KB

.data
Size: 122KB - Virtual size: 121KB

.rsrc
Size: 1KB - Virtual size: 1KB