05f5493018461db0371d2cd1a1f05a9b238ab9787153aaba1fdcb08cea91cf7c

Sharing

Copy URL Twitter E-mail

General

Target

05f5493018461db0371d2cd1a1f05a9b238ab9787153aaba1fdcb08cea91cf7c
Size

35KB
MD5

718907ecd160809b1f940d146262dcb3
SHA1

5fc361bc432c64e0ef0d077125fa3ec25a3a954b
SHA256

05f5493018461db0371d2cd1a1f05a9b238ab9787153aaba1fdcb08cea91cf7c
SHA512

20e1191379bb44810297c9b3e134648e904968df8286580d6c56106b67e546feb56edec9fb8339b94d58801c10cf06b7bbe6ce31f1c8645b35be2c85de5eb5c8
SSDEEP

384:wgvjbJ3m0iFexZmd0kUOvh6317B7YbC7Ak/3DbojqefgdAn9oP1:ZjbtxTknu3J7H3Dcn9O

Score

N/A

Malware Config

Signatures

Files

05f5493018461db0371d2cd1a1f05a9b238ab9787153aaba1fdcb08cea91cf7c
.exe windows x86

6168d0654bc22cdfc41ea4ba47b2736e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
lstrlenA
GetComputerNameA
GlobalMemoryStatus
GetCurrentProcess
CreateProcessA
GetTempPathA
ExitProcess
DeleteFileA
OpenProcess
GetCurrentThreadId
WriteProcessMemory
VirtualAllocEx
WinExec
lstrcatA
ResumeThread
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
SetFileAttributesA
GetStartupInfoA
GetModuleHandleA
GetVersionExA
lstrcpyA
ExitThread
FreeLibrary
LoadLibraryA
GetProcAddress
OutputDebugStringA
Sleep
GetTickCount
GetSystemDirectoryA
ReadProcessMemory

user32

ExitWindowsEx
wsprintfA
SetThreadDesktop
OpenDesktopA
SetProcessWindowStation
OpenWindowStationA
GetThreadDesktop
GetProcessWindowStation
GetWindowThreadProcessId
SendMessageA
FindWindowExA
FindWindowA

advapi32

RegCreateKeyA
AdjustTokenPrivileges
OpenProcessToken
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
DeleteService
OpenServiceA
OpenSCManagerA
CloseServiceHandle
RegOpenKeyA
StartServiceA
CreateServiceA
SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
LookupPrivilegeValueA

shell32

ShellExecuteA

ole32

CoCreateGuid

shlwapi

PathFileExistsA

msvcrt

_XcptFilter
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_stricmp
_exit
fseek
printf
strstr
strncpy
strcspn
sprintf
malloc
atoi
_except_handler3
fclose
fputs
fopen
fread

ws2_32

inet_addr
WSAStartup
htons
closesocket
htonl
recv
send
WSAGetLastError
setsockopt
connect
socket
gethostbyname

Sections

.data
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6168d0654bc22cdfc41ea4ba47b2736e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

shlwapi

msvcrt

ws2_32

Sections

.data Size: 33KB - Virtual size: 33KB

.rsrc Size: 512B - Virtual size: 16B

.data
Size: 33KB - Virtual size: 33KB

.rsrc
Size: 512B - Virtual size: 16B