c6eee777e088f69a30a01006b26612a271b78c381d4b275695c91cef33a23b75

General

Target

c6eee777e088f69a30a01006b26612a271b78c381d4b275695c91cef33a23b75
Size

21KB
MD5

7f3b0afc56d15744ab84684c0f7303dc
SHA1

ca22406e9766eb8c91d1d94b238c6e2d04be069f
SHA256

c6eee777e088f69a30a01006b26612a271b78c381d4b275695c91cef33a23b75
SHA512

9aa47b2e5b2cc3472d742b8483e4848e633a65bdba8dc5bfd2edde0e89db57dca7aff6a3b9c1073c0c0053be2bdc2313e9d033543bded978647682d7a1935e21
SSDEEP

384:oUB/M14UQ+ATtvc7pVTWH1X+jzJ8W/wQ+M4eAjYE0W:oUB/M1INipBWVX+jzJHoQ+M4

Score

N/A

Malware Config

Signatures

Files

c6eee777e088f69a30a01006b26612a271b78c381d4b275695c91cef33a23b75
.exe windows x86

dad2e3f0679df919263aea86150e8971

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSASocketA
setsockopt
htonl
sendto
inet_addr
gethostbyname
recv
WSACleanup
WSAGetLastError
closesocket
WSAStartup
socket
htons
connect
send
WSAAsyncSelect

kernel32

GetStartupInfoA
GetCommandLineA
GetProcessHeap
HeapAlloc
GetCurrentProcessId
SetFileAttributesA
GetComputerNameA
GetVersionExA
GetTickCount
GetWindowsDirectoryA
GetCurrentProcess
CreateRemoteThread
GetProcAddress
GetModuleHandleA
WriteProcessMemory
VirtualAllocEx
lstrlenA
OpenProcess
CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
GetLocalTime
SetPriorityClass
GetLastError
CreateMutexA
Sleep
GetSystemDirectoryA
ExitProcess
WinExec
CopyFileA
DeleteFileA
GetModuleFileNameA
CreateDirectoryA
ResumeThread
CreateThread
WriteFile
CreateFileA
lstrcatA
lstrcpyA
FreeLibrary
LoadLibraryA
MoveFileExA
MoveFileA
GlobalMemoryStatus

user32

DefWindowProcA
ExitWindowsEx
PostQuitMessage
RegisterClassA
CreateWindowExA
ShowWindow
UpdateWindow
SendMessageA
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

msvcp60

??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ

msvcrt

fclose
fprintf
_stricmp
strstr
rand
printf
__CxxFrameHandler
strcspn
strncpy
atoi
fopen
sprintf
malloc
_strupr
_strlwr
_itoa

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dad2e3f0679df919263aea86150e8971

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

advapi32

msvcp60

msvcrt

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 1KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 1KB - Virtual size: 1KB