c6e3269369bf20bbebb018c8a529efec0340aaae0bc781f9a7380780703aff2c

Sharing

Copy URL Twitter E-mail

General

Target

c6e3269369bf20bbebb018c8a529efec0340aaae0bc781f9a7380780703aff2c
Size

641KB
MD5

944389e0f5cecf5b9672246a68fe3f1b
SHA1

cb6abcfecba7981da8992bfb46f85ded44a1bfd9
SHA256

c6e3269369bf20bbebb018c8a529efec0340aaae0bc781f9a7380780703aff2c
SHA512

94c4aebddfe730d41b6fbf84abea366db8075bf555cc71400da7321e8446fc4ebc4759e4b8bc9dda53e7e892dc95b9d6d23353a07badbb5dfd4ddb82fb1e2853
SSDEEP

12288:P74EFsKmSlc4BLt5lPChvp/HTI3oDopZGN42HQP5Ue79xnLq:P74EFstSlc45teKsopwN4TPGyBq

Score

N/A

Malware Config

Signatures

Files

c6e3269369bf20bbebb018c8a529efec0340aaae0bc781f9a7380780703aff2c
.exe windows x86

ab3720bea80ad42dc7af1b82fad3592a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

__WSAFDIsSet
inet_addr
recvfrom
getpeername
inet_ntoa
ntohs
gethostbyname
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
accept
htonl
connect
select
setsockopt
socket
htons
bind
listen
WSACreateEvent
WSAEventSelect
ntohl
send
WSAJoinLeaf
WSASocketA
ioctlsocket
gethostname
recv
WSAStartup
WSAGetLastError
WSACloseEvent
sendto
closesocket

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

iphlpapi

GetAdaptersInfo

ole32

CoCreateInstance
CoCreateGuid
CoInitialize
CoUninitialize

oleaut32

VariantClear
SysAllocString
SysStringLen
SysFreeString

kernel32

InterlockedExchange
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
GetOEMCP
GetACP
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapSize
HeapReAlloc
GetStdHandle
SetHandleCount
SetEndOfFile
SetStdHandle
SetLastError
TlsAlloc
GetCurrentThreadId
GetVersion
GetCommandLineA
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
TryEnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
MoveFileExA
Sleep
MultiByteToWideChar
CreateEventA
CloseHandle
SetEvent
GetTickCount
WaitForSingleObject
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
InterlockedDecrement
QueryPerformanceCounter
GetSystemTime
InterlockedIncrement
CopyFileA
CreateSemaphoreA
OpenSemaphoreA
HeapFree
HeapAlloc
GetProcessHeap
MoveFileA
LocalFree
LocalAlloc
GetSystemDirectoryA
GetVersionExA
GetModuleFileNameA
GetLocalTime
WideCharToMultiByte
FindClose
FindNextFileA
FindFirstFileA
GetTempPathA
CreateProcessA
GetDiskFreeSpaceExA
GetLastError
TerminateProcess
ReadFile
PeekNamedPipe
GetWindowsDirectoryA
GetStartupInfoA
CreatePipe
GetProcAddress
LoadLibraryA
lstrlenA
lstrlenW
CreateThread
RtlUnwind
GetFileType
CreateFileA
CreateDirectoryA
DeleteFileA
FlushFileBuffers
WriteFile
SetFilePointer
ResumeThread
TlsSetValue
TlsGetValue
ExitThread
CreateDirectoryW
CreateFileW
GetTimeZoneInformation
GetSystemTimeAsFileTime
RaiseException
ExitProcess
GetCurrentProcess

user32

CreateWindowExA
LoadIconA
DefWindowProcA
BeginPaint
GetClientRect
DrawTextA
EndPaint
LoadCursorA
RegisterClassExA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
PostQuitMessage

advapi32

RegOpenKeyA
RegCloseKey

Sections

.text
Size: 416KB - Virtual size: 413KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

uctvou
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 84KB - Virtual size: 82KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ab3720bea80ad42dc7af1b82fad3592a

Headers

File Characteristics

Imports

ws2_32

version

iphlpapi

ole32

oleaut32

kernel32

user32

advapi32

Sections

.text Size: 416KB - Virtual size: 413KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 56KB - Virtual size: 79KB

.rsrc Size: 36KB - Virtual size: 35KB

uctvou Size: 8KB - Virtual size: 4KB

Size: 84KB - Virtual size: 82KB

.text
Size: 416KB - Virtual size: 413KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 56KB - Virtual size: 79KB

.rsrc
Size: 36KB - Virtual size: 35KB

uctvou
Size: 8KB - Virtual size: 4KB