5741eadfc89a1352c61f1ff0a5c01c06

Sharing

Copy URL

Twitter E-mail

General

Target

5741eadfc89a1352c61f1ff0a5c01c06
Size

75KB
MD5

5741eadfc89a1352c61f1ff0a5c01c06
SHA1

cdff6ddd67f17385f283a0f9e8de76731f11a9b6
SHA256

ea500d77aabc3c9d440480002c3f1d2f2977a7f860f35260edda8a26406ca1c3
SHA512

08104893c726e06c6fe7687394d084365b72cf19e821be0d7a1b094c9a0d54ccea65fd01ea33a1f507680d21c6f98e62e2d765b4a0ce3b3d8d458063bd375063
SSDEEP

1536:03Mz8GuoohIUXrtvWhzNmgrZBVnWw7V15FvV:vwGu/XpOh5mgrVnj7V15Fv

Score

N/A

Malware Config

Signatures

Files

5741eadfc89a1352c61f1ff0a5c01c06
.exe windows x86

2f2316fb946682a102e453a8ae405904

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

recvfrom
setsockopt
sendto
bind
WSAStartup
ioctlsocket
recv
send
WSACloseEvent
WSARecv
WSASend
WSAGetLastError
WSAEnumNetworkEvents
gethostname
connect
inet_ntoa
inet_addr
htons
getsockname
shutdown
socket
closesocket
gethostbyname
WSAEventSelect
WSAGetOverlappedResult
WSAWaitForMultipleEvents
getpeername
accept
WSACreateEvent
WSASocketA
listen

shlwapi

PathFileExistsW
StrCmpNW
PathMatchSpecW
PathFindFileNameW
PathFileExistsA
StrChrA
StrStrIA
StrCmpNIA
StrStrW

urlmon

URLDownloadToFileW

wininet

InternetConnectA
InternetOpenUrlW
HttpQueryInfoA
InternetOpenW
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle
InternetCrackUrlA

ntdll

memcpy
_chkstk
_aulldiv
RtlUnwind
memmove
mbstowcs
RtlTimeToSecondsSince1980
NtQuerySystemTime
NtQueryVirtualMemory
strstr
isdigit
isalpha
_allshl
_aullshr
memset

msvcrt

rand
srand
_vscprintf

kernel32

MoveFileW
CreateProcessW
GetLocaleInfoA
DuplicateHandle
DeleteCriticalSection
GetThreadPriority
SetThreadPriority
GetCurrentThread
GetCurrentProcess
InterlockedExchangeAdd
InterlockedIncrement
InterlockedExchange
WaitForSingleObject
InterlockedDecrement
GetCurrentProcessId
HeapSetInformation
GetProcessHeaps
GetSystemInfo
PostQueuedCompletionStatus
HeapValidate
HeapCreate
HeapFree
HeapAlloc
HeapReAlloc
ExpandEnvironmentStringsW
CreateThread
DeleteFileA
CreateMutexA
MoveFileA
GetLastError
CreateEventA
ExitProcess
GetQueuedCompletionStatus
CreateIoCompletionPort
SetEvent
GetVolumeInformationW
SetFileAttributesW
lstrcpyW
DeleteFileW
GetDiskFreeSpaceExW
FindNextFileW
lstrcmpiW
QueryDosDeviceW
RemoveDirectoryW
FindClose
lstrlenA
GlobalLock
GetModuleHandleW
GetTickCount
GlobalAlloc
Sleep
lstrcpynW
ExitThread
MultiByteToWideChar
lstrlenW
GlobalUnlock
GetFileSize
MapViewOfFile
UnmapViewOfFile
WriteFile
InitializeCriticalSection
LeaveCriticalSection
CreateFileW
FlushFileBuffers
EnterCriticalSection
CreateFileMappingW
CloseHandle
FindFirstFileW
GetDriveTypeW
MoveFileExW
CreateDirectoryW
GetLogicalDrives
CopyFileW
GetModuleFileNameW
lstrcmpW

user32

SendMessageA
wsprintfW
IsClipboardFormatAvailable
RegisterClassExW
GetWindowLongW
GetClipboardData
EmptyClipboard
ChangeClipboardChain
SetWindowLongW
CloseClipboard
GetMessageA
FindWindowA
ShowWindow
wsprintfA
SetForegroundWindow
wvsprintfA
TranslateMessage
DefWindowProcA
RegisterRawInputDevices
CreateWindowExW
DispatchMessageA
OpenClipboard
SetClipboardData
SetClipboardViewer

advapi32

RegSetValueExW
CryptGenRandom
CryptReleaseContext
CryptAcquireContextW
RegQueryValueExW
RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyExW

shell32

ShellExecuteW

ole32

CoInitializeEx
CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2f2316fb946682a102e453a8ae405904

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

shlwapi

urlmon

wininet

ntdll

msvcrt

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 57KB - Virtual size: 57KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 5KB - Virtual size: 9KB

.text
Size: 57KB - Virtual size: 57KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 5KB - Virtual size: 9KB