1e883c5b0bda2fb4f37d125fa0fdc3509ec34b9b538fa76dc675b5fa4e540cda

General

Target

1e883c5b0bda2fb4f37d125fa0fdc3509ec34b9b538fa76dc675b5fa4e540cda
Size

28KB
MD5

6a462552bcbb07b878734157b5b00226
SHA1

1e94cc27a93d48309d5406bd6fbdc39530c3d63f
SHA256

1e883c5b0bda2fb4f37d125fa0fdc3509ec34b9b538fa76dc675b5fa4e540cda
SHA512

7ea71615e196492bb8dd91f6326dbfbd9c85463d008642a05b2ee50c92eb643ba4c44bf8ca321ff9572a4dbaf6c2dae959dc306ec7717f0f882e40e4a74efcbe
SSDEEP

384:iJzlmZkd7O5llmIotzbRf/jW5zRdBpCXYV/LqMZcyRAWthF2MgVslrS9n1qig5s:iuCxfYzlpz/L7ZcEPJ2MdlUlg5

Score

N/A

Malware Config

Signatures

Files

1e883c5b0bda2fb4f37d125fa0fdc3509ec34b9b538fa76dc675b5fa4e540cda
.exe windows x86

f9b972b659ee3a1b5572f5da9a9ed008

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

ioctlsocket
connect
__WSAFDIsSet
setsockopt
gethostname
send
inet_addr
gethostbyname
socket
select
recv
closesocket
ntohs
htons
sendto
gethostbyaddr
inet_ntoa
WSAStartup

ntdll

NtQuerySystemInformation
ZwSystemDebugControl

kernel32

GetLocalTime
SetFileAttributesA
GetSystemTimeAsFileTime
GetComputerNameA
GetVolumeInformationA
WinExec
GetEnvironmentVariableA
lstrcatA
CopyFileA
GetTempPathA
GetTickCount
HeapFree
GetProcessHeap
HeapAlloc
Sleep
lstrcpynA
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetCurrentProcess
GetVersionExA
FreeLibrary
GetCurrentProcessId
VirtualFreeEx
VirtualAllocEx
LeaveCriticalSection
EnterCriticalSection
lstrlenA
lstrcpyA
SystemTimeToFileTime
InitializeCriticalSection
GetTimeZoneInformation
FileTimeToLocalFileTime
FileTimeToSystemTime
CloseHandle
WriteFile
CreateFileA
GetSystemDirectoryA
CreateProcessA
CreateMutexA
ExitProcess
OpenMutexA
CreateThread
GetModuleFileNameA

user32

CharToOemA
wsprintfA

advapi32

RegCreateKeyExA
LookupPrivilegeValueA
RegOpenKeyExA
RegQueryValueExA
AdjustTokenPrivileges
RegSetValueExA
RegCloseKey
OpenProcessToken

shell32

ShellExecuteA

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9b972b659ee3a1b5572f5da9a9ed008

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

ntdll

kernel32

user32

advapi32

shell32

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 1KB