c6c2b90305dcc30d091929d553e698622616b26eca0375061f675bde043a0e1e

General

Target

c6c2b90305dcc30d091929d553e698622616b26eca0375061f675bde043a0e1e
Size

31KB
MD5

f6c8bf8ac68604cb288a7e701ba03483
SHA1

37bc001307c2f9ea85f25d140a4e81128d9f6e75
SHA256

c6c2b90305dcc30d091929d553e698622616b26eca0375061f675bde043a0e1e
SHA512

f5c13f0506b2839485c4b0df4d73c4fc7297c7f0274b67b233880e59d8061d62bea5b69eaabb6d9789034b06f0c9c5869ac148b50977f90da1164edf9bf826ff
SSDEEP

768:OtTV/83Vp5pv8lQvJ7tlWSGxqWTnvX33tWvQy/c:OtTV/8P5ksVglAvQEc

Score

N/A

Malware Config

Signatures

Files

c6c2b90305dcc30d091929d553e698622616b26eca0375061f675bde043a0e1e
.exe windows x86

860701bd80ac40babc72e489192171e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LocalAlloc
GetCurrentProcess
ExitThread
SetFilePointer
ResetEvent
ReadFile
CreateMutexA
LocalFree
GetModuleFileNameA
SetPriorityClass
SetEndOfFile
GetModuleHandleA
RegisterServiceProcess
GetPrivateProfileStringA
GetProcAddress
ExitProcess
CopyFileA
LocalReAlloc
CreateProcessA
CloseHandle
WaitForSingleObject
Sleep
CreateThread
CreateFileA
GetLastError
SetCurrentDirectoryA
DeleteFileA
GetFileSize
WriteFile
WritePrivateProfileStringA
lstrcat
lstrcmpi
lstrlen
GetWindowsDirectoryA

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey

user32

PeekMessageA
DispatchMessageA
TranslateMessage

ws2_32

socket
send
recvfrom
recv
inet_addr
gethostname
gethostbyname
connect
closesocket
bind
WSAStartup
sendto
WSAGetLastError
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent

Sections

CODE
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

860701bd80ac40babc72e489192171e0

Headers

File Characteristics

Imports

kernel32

advapi32

user32

ws2_32

Sections

CODE Size: 15KB - Virtual size: 16KB

DATA Size: 4KB - Virtual size: 12KB

.idata Size: 2KB - Virtual size: 4KB

.reloc Size: 8KB - Virtual size: 8KB

CODE
Size: 15KB - Virtual size: 16KB

DATA
Size: 4KB - Virtual size: 12KB

.idata
Size: 2KB - Virtual size: 4KB

.reloc
Size: 8KB - Virtual size: 8KB