33379979fe354b26a88051f4cd28ce99a03a8e00a16764118c70b5a4b9397f56

Sharing

Copy URL

Twitter E-mail

General

Target

33379979fe354b26a88051f4cd28ce99a03a8e00a16764118c70b5a4b9397f56
Size

162KB
MD5

01002450f7df9f0b90056cfe330d3968
SHA1

400865a26d05900943d1e5e3a2347a52fc7fad7c
SHA256

33379979fe354b26a88051f4cd28ce99a03a8e00a16764118c70b5a4b9397f56
SHA512

481d46d1137533dc0fcb822c2ffd273e4990904543f2c6afa6a2d9a6de805f8d75f7368252a4f71fbb9a346304c8f0ab003df6572c3f59a04ab1052619d72754
SSDEEP

3072:66vWuLsdylHCgyiavLlAJY9LMMuZ5PFIJV:63uAQzyZvLlhlMnD9

Score

N/A

Malware Config

Signatures

Files

33379979fe354b26a88051f4cd28ce99a03a8e00a16764118c70b5a4b9397f56
.exe windows x86

d607a4f1f8161f0070b747423f49a6e7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
CreateSemaphoreA
GetModuleFileNameA
VirtualProtect
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
HeapAlloc
GetLastError
HeapFree
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
ExitProcess
WriteFile
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetModuleHandleA

wsnmp32

ord300
ord201
ord203
ord903
ord105
ord101
ord605
ord601
ord220
ord400
ord501
ord500
ord600
ord301
ord606
ord204
ord205
ord120
ord103
ord902
ord604
ord107
ord302
ord206
ord104
ord603
ord602
ord100
ord202
ord901
ord102
ord320
ord900
ord200
ord222
ord402
ord221
ord106
ord904
ord401
ord504

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d607a4f1f8161f0070b747423f49a6e7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

wsnmp32

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 21KB - Virtual size: 20KB

.data Size: 30KB - Virtual size: 94KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 30KB - Virtual size: 94KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 7KB