06f7229f4593d24d37edb243d055090af8fac1789a4354ca499a99c4e5e448aa

Sharing

Copy URL Twitter E-mail

General

Target

06f7229f4593d24d37edb243d055090af8fac1789a4354ca499a99c4e5e448aa
Size

182KB
MD5

14cdbbc8e71d481c85e580d26c9d5470
SHA1

8c5ca831b430bd64fc32883f31de8693f4edb562
SHA256

06f7229f4593d24d37edb243d055090af8fac1789a4354ca499a99c4e5e448aa
SHA512

6b0a7c8c0d13a2cbd2aa6e5816921e26de9b9dd90672db9ef8143efcdfdae7f4606f20c30b43150c7fd62ee01debaff228f6bea04360f3eb69b8f1b882ade8b5
SSDEEP

3072:OgxpbZhiSHrP3p1xXV8sR/bhyIWS1jleOQOS0tOvy9SeTabW:OgxpbZhiSLDHRT4SxleOcyPYW

Score

N/A

Malware Config

Signatures

Files

06f7229f4593d24d37edb243d055090af8fac1789a4354ca499a99c4e5e448aa
.exe windows x86

6c16405e59d71472e369102d470d9baa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragQueryFileA
ExtractIconA
ExtractAssociatedIconW
ShellAboutA
DuplicateIcon
ShellExecuteExW

ole32

CLSIDFromString
IsAccelerator
OleCreateLinkToFileEx
OleTranslateAccelerator
StgSetTimes
OleLoadFromStream
StgIsStorageFile
OleCreate

advapi32

GetSecurityDescriptorGroup
AccessCheckByTypeAndAuditAlarmW
GetSecurityDescriptorLength
RegReplaceKeyW
StartServiceCtrlDispatcherA
ChangeServiceConfigW
LookupPrivilegeDisplayNameA
ControlService
IsTextUnicode

kernel32

LCMapStringW
HeapReAlloc
MultiByteToWideChar
RaiseException
RtlUnwind
GetStringTypeW
HeapSize
CompareStringW
SetEnvironmentVariableA
HeapAlloc
GetStdHandle
LeaveCriticalSection
lstrcatA
SetupComm
ReadConsoleOutputCharacterA
GlobalDeleteAtom
OpenEventA
PrepareTape
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
GetCurrentProcess
WideCharToMultiByte
GetTimeZoneInformation
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
EnterCriticalSection
Sleep
HeapFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryW

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c16405e59d71472e369102d470d9baa

Headers

DLL Characteristics

File Characteristics

Imports

shell32

ole32

advapi32

kernel32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 112KB - Virtual size: 112KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 112KB - Virtual size: 112KB