6b84568ce25ae74bacd0bb7aad5738846ea567180c9139a6de450b82d64e5a1f[.]exe

General

Target

6b84568ce25ae74bacd0bb7aad5738846ea567180c9139a6de450b82d64e5a1f.exe
Size

116KB
MD5

68948dae476419853f49c07511dcb546
SHA1

aedfb15ae6f35992c4dcbceaf34cb072077418b0
SHA256

6b84568ce25ae74bacd0bb7aad5738846ea567180c9139a6de450b82d64e5a1f
SHA512

d536759dde932ff18772bfaf69e2f8d7a6b3997c34f02062c2498e298c7cc5bff6db6ac3155d9b5a8f18e8f8526d0a6706011d1950301272b0a1c21bcda7e6d7
SSDEEP

768:GsfzhGRjG31FIO5JPNXcEuNBMTLV3CD5MIPqkvO7AkHkyAIB:jzhoG31WO5XMNBMm4k27AkH5T

Score

N/A

Malware Config

Signatures

Files

6b84568ce25ae74bacd0bb7aad5738846ea567180c9139a6de450b82d64e5a1f.exe
.exe windows x86

8c7776867b35a63b81d3db047e9e69e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForMultipleObjects
SetErrorMode
FindNextFileW
GetModuleHandleA
ExitProcess
GetProcAddress
Sleep
WriteFile
SetFileAttributesW
SetEndOfFile
SetFilePointerEx
ReadFile
FlushFileBuffers
GetFileSizeEx
MoveFileW
GetVersion
HeapAlloc
GetCurrentProcess
GetDriveTypeW
GetProcessHeap
LoadLibraryA
GetFileType
DuplicateHandle
GetCurrentProcessId
OpenProcess
CreatePipe
GetCommandLineW
GetLocaleInfoW
GetEnvironmentVariableW
GetModuleFileNameW
PeekNamedPipe
CreateProcessW
Process32FirstW
GetSystemWindowsDirectoryW
SetHandleInformation
Process32NextW
CreateMutexA
CreateToolhelp32Snapshot
CreateDirectoryW
DeviceIoControl
FindFirstFileW
FindClose
GetLastError
CreateFileW
GetFileAttributesW
GetLogicalDrives
CreateThread
WaitForSingleObject
GetVolumeInformationW
TerminateProcess
DeleteCriticalSection
GetExitCodeProcess
LeaveCriticalSection
InitializeCriticalSection
EnterCriticalSection
HeapFree
CloseHandle

advapi32

OpenProcessToken
CryptEncrypt
CryptImportKey
CryptGenRandom
CryptReleaseContext
CryptAcquireContextW
CryptDecrypt
CryptDestroyKey
GetTokenInformation
RegCloseKey
DuplicateTokenEx
RegOpenKeyExA
RegQueryValueExA
SetTokenInformation

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c7776867b35a63b81d3db047e9e69e5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 66KB - Virtual size: 66KB

.ndata Size: 6KB - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 66KB - Virtual size: 66KB

.ndata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 4KB