ad769a6b3d6f5326e72467af33f7a326c2f1bd958e4dbeec0255e294d1772256

Sharing

Copy URL Twitter E-mail

General

Target

ad769a6b3d6f5326e72467af33f7a326c2f1bd958e4dbeec0255e294d1772256
Size

8.6MB
MD5

94582f9faaa1d14f3893352883ded835
SHA1

1525be082bf6f4439372d29b38597832937bbbca
SHA256

ad769a6b3d6f5326e72467af33f7a326c2f1bd958e4dbeec0255e294d1772256
SHA512

a59b133e5e650a02c401743e77d3e91b2fafe364cfb22c4afd8155e73bc5ae5703a8855e12aa2c0119b4258f67813729ed0e5fbf3285d0a76eb769d8c9cafd6b
SSDEEP

196608:DTdtpzM1kMXNaLLdzRoYJKdmDPKlLzFkCQwMr6mF+1u07s6:Hxa1X0lzCYGWPgLlVfmF+1u07P

Score

N/A

Malware Config

Signatures

Files

ad769a6b3d6f5326e72467af33f7a326c2f1bd958e4dbeec0255e294d1772256
.exe windows x86

6b4c61d0923c1aecbfcddabeea5db9e6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
FreeLibrary
VirtualFree
LocalAlloc
GetModuleFileNameA
GetFileType
GetCurrentThreadId
GetCurrentProcess
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
GetLocaleInfoA
GetStdHandle
LoadLibraryExW
GetStringTypeA
UnhandledExceptionFilter
TerminateProcess
InterlockedIncrement
GetProcessHeap
CreateThread
CloseHandle
GetACP
LeaveCriticalSection
AddAtomW
GetCurrentProcessId
CreateEventA
GetCommandLineW
CreateEventW
HeapCreate
ExitProcess
VirtualQueryEx
_lopen
GetTickCount
GetSystemTimeAsFileTime

user32

SetFocus
SystemParametersInfoW
GetDC
IsIconic
LoadIconW
UnregisterClassA
IsWindowVisible
SetForegroundWindow
GetSystemMetrics
MapWindowPoints
UpdateWindow
CopyRect
KillTimer
PostMessageW
DialogBoxParamW
RegisterWindowMessageW
GetDlgCtrlID
CreateWindowExA
EqualRect
DrawFocusRect
DestroyMenu

gdi32

GetTextColor
Escape
CreateMetaFileA
CreatePalette
GetCurrentPositionEx
SetWindowExtEx
GetCurrentObject
SetMapMode
GetWindowExtEx

advapi32

AllocateAndInitializeSid
CopySid
RegSetValueExA
ImpersonateLoggedOnUser
QueryServiceConfigW
GetUserNameA
LookupPrivilegeValueW
CheckTokenMembership
CryptExportKey
RegDeleteValueA
StartServiceW

msvcrt

_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_except_handler3
_controlfp
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
__setusermatherr

Sections

.text
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 142KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 422KB - Virtual size: 422KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b4c61d0923c1aecbfcddabeea5db9e6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Sections

.text Size: 4.1MB - Virtual size: 4.1MB

.rdata Size: 142KB - Virtual size: 156KB

.xdata Size: 512B - Virtual size: 100B

.tls Size: 1024B - Virtual size: 3KB

.rsrc Size: 422KB - Virtual size: 422KB

.text
Size: 4.1MB - Virtual size: 4.1MB

.rdata
Size: 142KB - Virtual size: 156KB

.xdata
Size: 512B - Virtual size: 100B

.tls
Size: 1024B - Virtual size: 3KB

.rsrc
Size: 422KB - Virtual size: 422KB