f0263cb60a234d23389b65270cba250b21a713d8f4d8264ae36fbbe5580146c1

Sharing

Copy URL Twitter E-mail

General

Target

f0263cb60a234d23389b65270cba250b21a713d8f4d8264ae36fbbe5580146c1
Size

208KB
MD5

d84b40a40d3f05c8a990dc60d1a62b54
SHA1

1ed99565137f303b0af1e3be83edb305289a66c3
SHA256

f0263cb60a234d23389b65270cba250b21a713d8f4d8264ae36fbbe5580146c1
SHA512

7c71251ebf83314127e8a6f157be73caf492c204c9af77f38ca7a28f8fc2eedebde6ba82577c3574bf43e7924cd46e489bb5e6577f224f0a06680c306cb91813
SSDEEP

6144:WdZgfAxKxCQMLRPOxyxd/fuARXblL9MzMhd/kalVhhDeVyxh//8uY+nvOSwHMYDv:Bsq0GsruRDtTSV8

Score

N/A

Malware Config

Signatures

Files

f0263cb60a234d23389b65270cba250b21a713d8f4d8264ae36fbbe5580146c1
.exe windows x86

390691d5818245ccdae175d3620a8b5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSACleanup
WSAStartup
gethostbyname
gethostname
closesocket
WSAIoctl
WSACancelAsyncRequest
socket
bind
htons
sendto
ntohs
WSAGetLastError
recvfrom
getsockname
shutdown
recv
send
connect

psapi

EnumProcessModules
GetModuleFileNameExA
GetModuleBaseNameA

kernel32

CreateFileA
GetTempPathA
GetSystemDirectoryA
GetWindowsDirectoryA
FindClose
FindFirstFileA
Process32Next
Process32First
FreeLibrary
GetProcAddress
LoadLibraryA
CreateEventA
ReadFile
WaitForSingleObject
GetModuleFileNameA
CreateThread
WriteFile
ResetEvent
WaitForMultipleObjects
SetFilePointer
GetShortPathNameA
TerminateProcess
OpenProcess
CreateDirectoryA
GetFileSize
GetTickCount
SetFileAttributesA
GetFileAttributesA
DeleteFileA
SetEvent
OpenEventA
CloseHandle
WideCharToMultiByte
GetLocaleInfoW
LocalHandle
GetLocaleInfoA
FindAtomA
TlsFree
Sleep
TerminateThread
GetStartupInfoA
GetModuleHandleA
GlobalAlloc
GlobalFree
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
HeapLock
HeapWalk
HeapUnlock
HeapFree
HeapAlloc
HeapDestroy
InitializeCriticalSection
GetExitCodeThread
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
FindNextFileA
GetCurrentProcessId
GetLongPathNameA
GetVolumeInformationA
GetDriveTypeA
CreateProcessA
DuplicateHandle
GetCurrentProcess
CreatePipe
GetExitCodeProcess
HeapCreate

user32

GetDesktopWindow
GetWindow
GetWindowThreadProcessId
PostMessageA
GetWindowTextA
GetMessageA
PostThreadMessageA
FindWindowA
GetSystemMetrics
DestroyWindow
SetWindowPos
SendMessageA
GetWindowLongA
IsWindow

gdi32

CreateDCA
BitBlt
GetObjectA
GetBkColor
CreateCompatibleDC
CreateCompatibleBitmap
GetDIBits

advapi32

RegOpenKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegCloseKey

shell32

ShellExecuteA
ExtractAssociatedIconA
SHFileOperationA

ole32

CoInitialize
CoUninitialize
CoCreateGuid
StringFromGUID2
CLSIDFromProgID

gdiplus

GdipGetImageEncoders
GdiplusStartup
GdipGetImageEncodersSize
GdipDisposeImage
GdipSaveImageToFile
GdipLoadImageFromFile
GdipFree
GdiplusShutdown
GdipCloneImage
GdipAlloc

mfc42

ord3571
ord3626
ord2414
ord640
ord665
ord1979
ord5186
ord354
ord5785
ord1641
ord1640
ord323
ord800
ord1601
ord537
ord3663

msvcrt

_purecall
malloc
pow
free
wcscmp
_strupr
_strset
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_ftol
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
_controlfp
rand
srand
memcmp
strchr
memcpy
strlen
strrchr
_CxxThrowException
memset
strcpy
strstr
strcmp
__CxxFrameHandler
sprintf
_acmdln

winmm

timeKillEvent
timeSetEvent

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

Sections

.text
Size: 160KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

390691d5818245ccdae175d3620a8b5b

Headers

File Characteristics

Imports

ws2_32

psapi

kernel32

user32

gdi32

advapi32

shell32

ole32

gdiplus

mfc42

msvcrt

winmm

avicap32

Sections

.text Size: 160KB - Virtual size: 157KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 160KB - Virtual size: 157KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 12KB - Virtual size: 9KB