infogather[.]sobad

General

Target

infogather.sobad
Size

15KB
MD5

41facd7e877154abec654d4c668a5c01
SHA1

2cb93fb061863c7b7b5a45664f9b9bbb9aaefd9f
SHA256

2616db7b7315dc85745e073ce77f909323cf0901c72ffe1dbdb1def2faa15e76
SHA512

19e6a814981804b0487b7543c6b628ff0a3c54e6e9df43cea2a7155a1d23bfbf30aa90f4098c84b975a51bd4f0b11c693bccc1c1b4d1b405be5249945a8b19ba
SSDEEP

96:IxSnISa4CHsluE6BwSoJaovVLSLoqWSVb+5kW3cdJn1nP5as89rex:IeILHRRVaMzpJn1nPYs89

Score

N/A

Malware Config

Signatures

Files

infogather.sobad
.exe windows x86

Password: infected1

dce8a50ae28db524a23714c7d0ea759f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

netapi32

NetApiBufferFree
NetShareEnum

advapi32

IsValidSecurityDescriptor

kernel32

MultiByteToWideChar
WideCharToMultiByte
LocalAlloc
CreateFileW
GetDiskFreeSpaceW
GetLogicalDriveStringsW
SetFilePointer
WriteFile
CloseHandle
ExitProcess
GetComputerNameExW
GetCurrentThreadId
lstrcpyW
lstrcatW
lstrlenA
lstrlenW

user32

MessageBoxA
wsprintfW
wsprintfA

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msvcjmc
Size: 512B - Virtual size: 283B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 627B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected1

dce8a50ae28db524a23714c7d0ea759f

Headers

DLL Characteristics

File Characteristics

Imports

netapi32

advapi32

kernel32

user32

Sections

.textbss Size: - Virtual size: 64KB

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: - Virtual size: 4KB

.idata Size: 1KB - Virtual size: 1KB

.msvcjmc Size: 512B - Virtual size: 283B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 627B

.textbss
Size: - Virtual size: 64KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: - Virtual size: 4KB

.idata
Size: 1KB - Virtual size: 1KB

.msvcjmc
Size: 512B - Virtual size: 283B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 627B