Static task: static1
Behavioral task: behavioral1
  Sample: 6ec662e3218e38860276c69c864c6407cb72fe64ce3d0a43cc38e69a8856e52e.exe
  Resource: win7-20220901-en
Behavioral task: behavioral2
  Sample: 6ec662e3218e38860276c69c864c6407cb72fe64ce3d0a43cc38e69a8856e52e.exe
  Resource: win10v2004-20221111-en
General
Target: 6ec662e3218e38860276c69c864c6407cb72fe64ce3d0a43cc38e69a8856e52e
Size: 2.5MB
MD5: 34b83bf38b9521fcc926a8c655c9d64e
SHA1: 8b433ad39362413a047e5b11a37a61d48fe7da6f
SHA256: 6ec662e3218e38860276c69c864c6407cb72fe64ce3d0a43cc38e69a8856e52e
SHA512: 8ff1b80b369561bf2a4cf4e6c82bf09111ed6dc9a6df1afd0c6d5bb7383a7fe311830da66408b4c30c3c628c7178ed910d4a93ca3b2add1bc467609eb9aba364
SSDEEP: 49152:r6GwVz5R32YOuopj7dkTNNtLboJhMBDx6xC2Cexbn8Jajh:rfwVz54/dcbwa6C2Cexbn8Jajh
Malware Config
Signatures
Files
6ec662e3218e38860276c69c864c6407cb72fe64ce3d0a43cc38e69a8856e52e.exe (windows x86)
9b4963c60d39fb138cdc96451c474c4e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetExitCodeThread
Sleep
GetDiskFreeSpaceExW
InterlockedIncrement
VirtualAllocEx
VirtualFreeEx
InterlockedExchange
GlobalLock
GlobalUnlock
InterlockedDecrement
OutputDebugStringW
FlushInstructionCache
CreatePipe
GetStartupInfoW
SetEnvironmentVariableW
SleepEx
DuplicateHandle
ReleaseMutex
TerminateThread
FormatMessageW
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateProcessA
CreateFileA
GetLocaleInfoW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
GetCurrentDirectoryA
GetFullPathNameA
QueryPerformanceCounter
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetFileAttributesA
GetTimeZoneInformation
GetStringTypeW
GetSystemTimeAsFileTime
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStartupInfoA
GetFileType
SystemTimeToTzSpecificLocalTime
GetConsoleMode
GetConsoleCP
GetStdHandle
HeapCreate
IsValidCodePage
GetOEMCP
ExitProcess
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
GetCPInfo
LCMapStringW
LCMapStringA
RtlUnwind
FindFirstFileA
GetDriveTypeA
FileTimeToLocalFileTime
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
GetVersionExA
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
LocalFree
SetLastError
ReleaseSemaphore
VirtualAlloc
SetFileAttributesW
VirtualFree
FileTimeToSystemTime
GetFileTime
GetCurrentThreadId
FreeResource
MoveFileExW
CreateProcessW
SetEvent
OpenEventW
QueryDosDeviceW
GetLogicalDriveStringsW
GetPrivateProfileStringW
CreateDirectoryW
GetFileAttributesW
TerminateProcess
WaitForSingleObject
GetCurrentProcess
MoveFileW
DeleteFileW
GlobalFree
GlobalAlloc
GetVersionExW
GetWindowsDirectoryW
ReadProcessMemory
WritePrivateProfileStringW
OutputDebugStringA
SystemTimeToFileTime
RemoveDirectoryW
FindClose
FindNextFileW
FindFirstFileW
GetModuleFileNameA
WaitForMultipleObjects
RaiseException
SetFilePointer
SetEndOfFile
ResetEvent
CreateThread
CreateEventW
GetCurrentProcessId
MultiByteToWideChar
WideCharToMultiByte
GetPrivateProfileIntW
ExpandEnvironmentStringsW
Module32NextW
Module32FirstW
OpenProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
lstrlenA
lstrlenW
GetExitCodeProcess
SetHandleCount
GetSystemDirectoryW
GetFileSize
WriteFile
ReadFile
CreateFileW
SetErrorMode
CopyFileW
GetLocalTime
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetTickCount
FindResourceExW
CreateMutexW
CloseHandle
GetCommandLineW
GetModuleHandleW
LockResource
LoadResource
SizeofResource
FindResourceW
GetModuleFileNameW
FreeLibrary
GetProcAddress
LoadLibraryW
GetLastError
GetStringTypeA
user32
SetFocus
GetNextDlgTabItem
GetMonitorInfoW
MonitorFromPoint
PostMessageW
GetFocus
IsChild
IsDialogMessageW
GetWindow
GetWindowLongW
RegisterWindowMessageW
DestroyMenu
BeginPaint
EndPaint
MonitorFromWindow
ScreenToClient
ExitWindowsEx
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
BringWindowToTop
SetForegroundWindow
GetDesktopWindow
FindWindowW
FindWindowExW
SendMessageW
GetWindowRect
InvalidateRect
DrawTextW
DispatchMessageW
PostThreadMessageW
PeekMessageW
TranslateMessage
SetWindowLongW
GetLastInputInfo
IsWindowVisible
EnumWindows
MapWindowPoints
GetDC
ReleaseDC
CreateWindowExW
DefWindowProcW
LoadCursorW
RegisterClassExW
LoadBitmapW
LoadImageW
IsWindow
UpdateLayeredWindow
SetRectEmpty
SetCursor
PtInRect
SetRect
GetDlgCtrlID
ShowWindow
SetWindowPos
GetDlgItem
DestroyIcon
GetParent
OffsetRect
IsIconic
IsRectEmpty
MoveWindow
DestroyWindow
ClientToScreen
SetCapture
ReleaseCapture
InflateRect
LoadIconW
IsWindowEnabled
SetTimer
KillTimer
GetClientRect
CopyRect
IntersectRect
EqualRect
GetSystemMenu
DeleteMenu
PostQuitMessage
GetCursorPos
SetWindowTextW
CallWindowProcW
DrawIconEx
SetWindowRgn
GetSystemMetrics
GetClassInfoExW
GetActiveWindow
EnableWindow
SystemParametersInfoW
SetActiveWindow
CreatePopupMenu
TrackPopupMenuEx
AppendMenuW
GetMessageW
UnregisterClassA
gdi32
CreateRoundRectRgn
CreateRectRgnIndirect
GetTextExtentPoint32W
TextOutW
RoundRect
Rectangle
ExtSelectClipRgn
GetClipRgn
SetViewportOrgEx
GetViewportOrgEx
SetStretchBltMode
GetTextColor
GetCurrentObject
SelectClipRgn
SetBkMode
RestoreDC
SaveDC
LineTo
MoveToEx
OffsetRgn
GetStretchBltMode
SetTextColor
CreateBitmap
CreateCompatibleBitmap
CreateDIBSection
CombineRgn
CreateRectRgn
StretchBlt
BitBlt
ExtTextOutW
SetBkColor
CreateCompatibleDC
CreateFontIndirectW
GetStockObject
GetObjectW
DeleteObject
GetDeviceCaps
DeleteDC
SelectObject
CreatePen
RectInRegion
advapi32
StartServiceW
RegQueryValueExA
RegOpenKeyExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
CloseEventLog
ReadEventLogW
OpenEventLogW
CloseServiceHandle
OpenServiceW
OpenSCManagerW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyW
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorSacl
SetSecurityDescriptorSacl
shell32
SHGetFolderPathW
SHCreateDirectoryExW
ShellExecuteW
SHGetSpecialFolderPathW
Shell_NotifyIconW
ole32
CreateStreamOnHGlobal
oleaut32
VariantTimeToSystemTime
SystemTimeToVariantTime
shlwapi
PathIsDirectoryW
PathFindFileNameW
StrToIntW
PathAddBackslashW
PathAppendW
StrToIntA
PathFileExistsW
PathRemoveFileSpecW
comctl32
_TrackMouseEvent
msimg32
AlphaBlend
gdiplus
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipGetFontSize
GdipGetFamily
GdipGetImagePixelFormat
GdiplusShutdown
GdiplusStartup
GdipCloneBitmapArea
GdipCreateHBITMAPFromBitmap
GdipDeleteFont
GdipCreateFont
GdipImageRotateFlip
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateFontFromLogfontW
GdipCreateFontFromDC
GdipPrivateAddFontFile
GdipDeletePrivateFontCollection
GdipNewPrivateFontCollection
GdipCloneFontFamily
GdipGetFontCollectionFamilyList
GdipGetFontCollectionFamilyCount
GdipSetClipHrgn
GdipSetClipPath
GdipDrawImagePointsRectI
GdipDrawImageRectRectI
GdipDrawImageRectRect
GdipDrawImageRectI
GdipDrawImageI
GdipMeasureString
GdipDrawString
GdipFillPath
GdipFillRectangleI
GdipFillRectangle
GdipGraphicsClear
GdipDrawPath
GdipDrawRectangleI
GdipDrawLinesI
GdipDrawLine
GdipRotateWorldTransform
GdipScaleWorldTransform
GdipTranslateWorldTransform
GdipResetWorldTransform
GdipSetPixelOffsetMode
GdipSetSmoothingMode
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipSetCompositingQuality
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipCreateFromHDC
GdipAddPathStringI
GdipAddPathPieI
GdipAddPathRectangleI
GdipAddPathRectangle
GdipAddPathArcI
GdipClosePathFigure
GdipDeletePath
GdipCreatePath
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipDeleteStringFormat
GdipCreateStringFormat
GdipSetPenDashStyle
GdipSetPenMode
GdipSetPenEndCap
GdipSetPenStartCap
GdipDeletePen
GdipCreatePen1
GdipCreateLineBrushFromRectWithAngleI
GdipCreateLineBrushI
GdipDisposeImage
GdipCreateSolidFill
GdipCloneBrush
GdipDeleteBrush
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipAlloc
GdipDeleteFontFamily
GdipFree
GdipCreateBitmapFromScan0
ws2_32
gethostbyname
WSACleanup
inet_ntoa
inet_addr
WSAGetLastError
closesocket
send
getsockname
ntohs
bind
htons
getsockopt
setsockopt
connect
WSASetLastError
socket
select
ioctlsocket
WSAStartup
recv
__WSAFDIsSet
psapi
GetModuleFileNameExW
iphlpapi
IcmpSendEcho
IcmpCloseHandle
GetNetworkParams
IcmpCreateFile
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 216KB - Virtual size: 215KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ