54db7cea7912239e3b146a5acfc3fc3400694377c89fb9a3cb9d42c1965695cb

Sharing

Copy URL Twitter E-mail

General

Target

54db7cea7912239e3b146a5acfc3fc3400694377c89fb9a3cb9d42c1965695cb
Size

364KB
MD5

5ff5c5a249a154ef9bed4afb34947a04
SHA1

7acf5e2b2a0cc7bf60895547716bdb9c62988241
SHA256

54db7cea7912239e3b146a5acfc3fc3400694377c89fb9a3cb9d42c1965695cb
SHA512

0227594dd3707e9eba09213bc69f346772baf1b47a8e5044e53092d895cbce908d3a1d90f95a4ab2f21365766e2622ea8a62c0d9b253407d76257bbf841a6f9e
SSDEEP

3072:XNvq1d7aAIyZyfAoLBzS2LhWJxzxAO5A:hGv5Zk7A2LhWJw

Score

N/A

Malware Config

Signatures

Files

54db7cea7912239e3b146a5acfc3fc3400694377c89fb9a3cb9d42c1965695cb
.exe windows x86

4abe1b23250c8a4be23269fbcdebc1cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrIA
StrNCatA
StrCmpNA
StrRChrA
StrStrA
wnsprintfA
wvnsprintfA
StrToIntA
StrChrA

ws2_32

connect
__WSAFDIsSet
select
socket
htons
inet_addr
recv
closesocket
htonl
send

kernel32

FreeEnvironmentStringsA
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
GetStringTypeW
GetStringTypeA
LCMapStringW
lstrcmpA
lstrcpynA
lstrlenA
ExitThread
Sleep
LeaveCriticalSection
EnterCriticalSection
GetTickCount
GetLastError
CreateThread
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
HeapAlloc
GetProcessHeap
CreateProcessA
GetFileSize
CreateFileA
GetTempPathA
GetLocalTime
HeapFree
lstrcpyA
lstrcatA
FormatMessageA
CloseHandle
GetEnvironmentStrings
GetSystemDirectoryA
WideCharToMultiByte
GlobalUnlock
GlobalLock
GlobalAlloc
WriteFile
WaitForSingleObject
CreateEventA
ReadFile
lstrcmpiA
GetCurrentProcess
TerminateProcess
OpenProcess
Module32First
Process32Next
Process32First
CreateToolhelp32Snapshot
ExitProcess
GetModuleFileNameA
GetVersionExA
DeleteFileA
CopyFileA
SetErrorMode
SetUnhandledExceptionFilter
CreateMutexA
TerminateThread
SetFilePointer
GetWindowsDirectoryA
GetShortPathNameA
MoveFileExA
MultiByteToWideChar
LCMapStringA
TlsFree
GetLocaleInfoA
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LoadLibraryA
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsSetValue
TlsAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
TlsGetValue
GetModuleHandleA
RaiseException
RtlUnwind
GetCommandLineA
GetStartupInfoA
UnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
GetModuleHandleW
GetProcAddress
GetStdHandle
SetHandleCount

user32

SetClipboardData
wsprintfA
CloseClipboard
keybd_event
BlockInput
SetForegroundWindow
SetFocus
ShowWindow
VkKeyScanA
SendMessageA
OpenClipboard
EmptyClipboard

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken

shell32

ShellExecuteA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

VariantInit

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 264KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4abe1b23250c8a4be23269fbcdebc1cd

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

ws2_32

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 72KB - Virtual size: 72KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 264KB - Virtual size: 264KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 72KB - Virtual size: 72KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 264KB - Virtual size: 264KB

.rsrc
Size: 4KB - Virtual size: 4KB