f5d4809a4a8314c4a9f2e69ccb358d32c953c3a08dd65900e510b397812fc63b

Sharing

Copy URL

Twitter E-mail

General

Target

f5d4809a4a8314c4a9f2e69ccb358d32c953c3a08dd65900e510b397812fc63b
Size

2.5MB
MD5

ec53b5790e673ab0e0229406ae6ca23c
SHA1

e0d8e903c3b9690b174550b627bfe63d04b39f60
SHA256

f5d4809a4a8314c4a9f2e69ccb358d32c953c3a08dd65900e510b397812fc63b
SHA512

a8a78bc1143ea4df40bf192db846dac6f9aa6c3ee10c6aef24c064ed45c8123953ad9ed8eeb15990a2f6e0e39a6ffc206b7649f5c610c67cb4e48d4efd179c05
SSDEEP

49152:JSU7l4pvRjY5fWoXthMHd6AlX/jXtdK+2Z2UEUr5a1T3Cu2xlXxXqKJ:JSU7ap65Jh4hbL52ZL1a17CuGxxN

Score

N/A

Malware Config

Signatures

Files

f5d4809a4a8314c4a9f2e69ccb358d32c953c3a08dd65900e510b397812fc63b
.exe windows x86

8b70a799ff5cf89012d0a76d71670a31

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
CreateFileA
DeviceIoControl
GlobalMemoryStatus
GetLastError
GetSystemDEPPolicy
GetModuleHandleW
CreateActCtxA
GetConsoleWindow
GetModuleFileNameA
SetPriorityClass
GetSystemTimeAsFileTime
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedCompareExchange
InterlockedExchange
CreateThread
GetComputerNameA
FreeLibrary
CreateFileMappingA
MapViewOfFile
GetLocalTime
GetTickCount
Sleep
LoadLibraryA
GetCurrentThreadId
TerminateThread
WaitForSingleObject
WideCharToMultiByte
MultiByteToWideChar
VirtualFree
VirtualAlloc
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
OpenProcess
GetModuleHandleA
GetProcAddress
CloseHandle
ActivateActCtx

user32

TranslateMessage
GetMessageW
ShowWindow
SetLayeredWindowAttributes
UpdateWindow
SetWindowLongA
SetWindowLongW
CreateWindowExA
CreateWindowExW
RegisterClassW
LoadCursorW
CallWindowProcA
DefWindowProcW
MoveWindow
DispatchMessageW
GetCursorPos
GetWindowRect
DrawTextA
GetWindowLongW
GetDC
GetWindowTextA
EnumDisplayDevicesA
SendMessageW
SendMessageA
GetClientRect
MessageBoxA
GetAsyncKeyState

gdi32

CreatePen
GetObjectW
CreateCompatibleDC
CreateSolidBrush
StretchBlt
Rectangle
SetBkColor
SetTextColor
LineTo
SelectObject
MoveToEx

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

ws2_32

socket
closesocket
send
WSAGetLastError
htons
connect
WSAStartup
recv

msvcrt

fgets
vsprintf
__wgetmainargs
_cexit
_exit
exit
_initterm
_amsg_exit
__setusermatherr
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_except_handler4_common
_controlfp
sscanf
tolower
remove
fprintf
fopen
rand
sprintf
free
malloc
strstr
_localtime64
_XcptFilter
fclose
_stricmp
_ftol2_sse
memcpy
memset

comctl32

InitializeFlatSB
FlatSB_SetScrollProp

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 776KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8b70a799ff5cf89012d0a76d71670a31

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ws2_32

msvcrt

comctl32

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 776KB - Virtual size: 2.8MB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 776KB - Virtual size: 2.8MB

.reloc
Size: 10KB - Virtual size: 9KB