2b6e1b5210ac6a578e7afb6157aec04584c4bb2335d91794e00fd373b59b7e1d

Sharing

Copy URL Twitter E-mail

General

Target

2b6e1b5210ac6a578e7afb6157aec04584c4bb2335d91794e00fd373b59b7e1d
Size

217KB
MD5

f6964df1c78ec643212609e9098bd4c6
SHA1

556334a8e0734bd1f32cfd39a3f373dc4bd74083
SHA256

2b6e1b5210ac6a578e7afb6157aec04584c4bb2335d91794e00fd373b59b7e1d
SHA512

25e2f04fbf6b5848d63dccc9c9b577bef06852f34d41b43ad8515227bbf98d0dd9c3a6443f635e14593c3530064a482d08f00a8450af74e762499c348f7a23ff
SSDEEP

3072:AI1RQ/Djl84uOKjfB3TB686U8JfQa0ZifSr7x/PRzmTnRoPUPAx7zMdafCs/S:AYR8fl84SD68T8dEZifaPwTnRk7yqza

Score

N/A

Malware Config

Signatures

Files

2b6e1b5210ac6a578e7afb6157aec04584c4bb2335d91794e00fd373b59b7e1d
.exe windows x86

8f3a842c014dea6fafe472b4e6a9711f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
GetModuleFileNameA
OutputDebugStringA
CreateMutexA
LoadLibraryExA
MapViewOfFile
UnmapViewOfFile
LocalAlloc
HeapFree
HeapAlloc
GetProcessHeap
OpenFileMappingA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ReleaseMutex
InitializeCriticalSection
lstrlenW
RaiseException
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
WriteProcessMemory
SetUnhandledExceptionFilter
lstrlenA
lstrcmpiA
InterlockedDecrement
GetModuleHandleW
CreateEventA
IsDBCSLeadByte
InterlockedIncrement
SizeofResource
LoadResource
FindResourceA
SetEvent
GetCommandLineA
LockResource
FindResourceW
FindResourceExW
CreateFileW
GetCurrentProcessId
WriteConsoleW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
FlushFileBuffers
SetStdHandle
GetConsoleMode
GetSystemInfo
GetVersionExA
CreateThread
WaitForSingleObject
Sleep
CreateFileA
WriteFile
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
TerminateProcess
OpenProcess
WideCharToMultiByte
GetCurrentProcess
CloseHandle
GetLastError
FormatMessageA
LocalFree
SetLastError
GetConsoleCP
SetFilePointer
GetStringTypeW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
ReadFile
GetFileType
SetHandleCount
GetModuleFileNameW
GetStdHandle
GetLocaleInfoW
LoadLibraryW
InterlockedExchange
HeapCreate
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetStartupInfoW
HeapSetInformation
EncodePointer
VirtualQuery
VirtualAlloc
VirtualProtect
GetFileAttributesA
DecodePointer
ExitProcess
RtlUnwind
HeapSize
HeapReAlloc
HeapDestroy
GetTickCount
MultiByteToWideChar
SetEndOfFile

user32

CharNextW
EnumChildWindows
CharNextA
CharUpperA
GetClassNameA
EnumWindows
PostThreadMessageA

advapi32

RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegQueryInfoKeyW
RegDeleteValueA
RegDeleteKeyA
InitializeSecurityDescriptor
GetLengthSid
SetSecurityDescriptorDacl
AllocateAndInitializeSid
InitializeAcl
AddAccessAllowedAce
FreeSid
RegEnumKeyExA
RegCreateKeyExA
RegCloseKey

ole32

CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
CoInitialize
CoTaskMemRealloc
CoCreateInstance
OleRun
CoAddRefServerProcess
CoReleaseServerProcess
StringFromGUID2
CoTaskMemAlloc
CoUninitialize

oleaut32

GetErrorInfo
SysStringLen
SysFreeString
VariantClear
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
LoadRegTypeLi
VariantInit
SysAllocStringLen

wininet

InternetCloseHandle
InternetReadFile
InternetCrackUrlA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetOpenUrlA
InternetOpenA

dbghelp

MiniDumpWriteDump

Sections

.text
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f3a842c014dea6fafe472b4e6a9711f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

wininet

dbghelp

Sections

.text Size: 156KB - Virtual size: 156KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 8KB - Virtual size: 34KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 156KB - Virtual size: 156KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 8KB - Virtual size: 34KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 13KB - Virtual size: 12KB