6fa14de3a47e7e7afdea22a3f454d862e3b671d1fec9f8ad1ccae0e26bd367da

Sharing

Copy URL

Twitter E-mail

General

Target

6fa14de3a47e7e7afdea22a3f454d862e3b671d1fec9f8ad1ccae0e26bd367da
Size

288KB
MD5

dd7f49c7e0b2e6a9cc53b79e396d04d9
SHA1

080c543d42fa502ce86c7b071ddb73cab5558ba8
SHA256

6fa14de3a47e7e7afdea22a3f454d862e3b671d1fec9f8ad1ccae0e26bd367da
SHA512

36c1273e2bee01b686cc232eb63ac83dc4755b8b8e6135efd848335a8e215e7cffefc63872cd9831535c5450421bee0542246cb2fdf98d84e054eab6737ca732
SSDEEP

6144:2PDgD61nXi+aaxeIf4L5iVEGj24MBK/OIqMyovyOp:27gD61nXi+aaxeIQMVEE2f1MyovV

Score

N/A

Malware Config

Signatures

Files

6fa14de3a47e7e7afdea22a3f454d862e3b671d1fec9f8ad1ccae0e26bd367da
.exe windows x86

57fc054a2d76bc5d73b220c4ddae5afe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipCreateFromHDC
GdipDrawImageI
GdipCloneImage
GdipCreateBitmapFromStream
GdipDisposeImage
GdipAlloc
GdipFree
GdipDeleteGraphics
GdiplusShutdown
GdiplusStartup

comctl32

InitCommonControlsEx

shlwapi

SHDeleteKeyW

kernel32

FindFirstFileW
FindNextFileW
GetLastError
FindClose
CreateToolhelp32Snapshot
Process32FirstW
OpenProcess
TerminateProcess
Process32NextW
OutputDebugStringW
GetLocaleInfoW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetProcessHeap
SetEndOfFile
LoadLibraryA
RemoveDirectoryW
InitializeCriticalSectionAndSpinCount
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetACP
HeapSize
HeapReAlloc
VirtualAlloc
GetStringTypeA
FlushFileBuffers
ReadFile
SetFilePointer
Sleep
CloseHandle
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
DeleteFileW
ExpandEnvironmentStringsW
SetFileAttributesW
CreateThread
CreateFileA
GetConsoleMode
GetConsoleCP
SetStdHandle
MultiByteToWideChar
CreateFileW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
WriteFile
ExitProcess
GetCurrentThreadId
GlobalUnlock
GlobalFree
FindResourceW
SizeofResource
LockResource
LoadResource
GlobalAlloc
GlobalLock
SetLastError
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
InterlockedCompareExchange
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MoveFileW
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
GetCPInfo
HeapFree
RaiseException
RtlUnwind
LCMapStringA
LCMapStringW
GetStringTypeW
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree

user32

TranslateMessage
DispatchMessageW
GetSystemMetrics
CreateWindowExW
ShowWindow
LoadAcceleratorsW
TranslateAcceleratorW
PostQuitMessage
LoadCursorW
SetFocus
DestroyWindow
DefWindowProcW
MessageBoxW
LoadStringW
SendMessageW
GetMessageW
UpdateWindow
PostMessageW
GetDlgItemTextW
RegisterClassExW
LoadIconW
InvalidateRect
SetWindowPos
SetCursor
EndPaint
ReleaseDC
DrawTextW
GetDC
LoadBitmapW
BeginPaint

gdi32

SetTextColor
SetBkColor
DeleteObject
DeleteDC
StretchBlt
SelectObject
CreateCompatibleDC
CreateFontW

advapi32

RegCloseKey
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW

shell32

ShellExecuteW
SHGetFolderPathW
SHFileOperationW

ole32

CoInitialize
CoUninitialize
CreateStreamOnHGlobal

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlW
InternetOpenW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57fc054a2d76bc5d73b220c4ddae5afe

Headers

DLL Characteristics

File Characteristics

Imports

gdiplus

comctl32

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

wininet

version

Sections

.text Size: 110KB - Virtual size: 110KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 6KB - Virtual size: 14KB

.rsrc Size: 134KB - Virtual size: 133KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 110KB - Virtual size: 110KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 6KB - Virtual size: 14KB

.rsrc
Size: 134KB - Virtual size: 133KB

.reloc
Size: 10KB - Virtual size: 10KB