2826ea881030abab73b5d21870d4009524312e4c88b8a1efeb4c0a1ab290b4ca

Sharing

Copy URL Twitter E-mail

General

Target

2826ea881030abab73b5d21870d4009524312e4c88b8a1efeb4c0a1ab290b4ca
Size

1.5MB
MD5

5f9d1080b754d91d857757545b00909c
SHA1

3bc8311f48042a72020b24bf748bc99384922b8d
SHA256

2826ea881030abab73b5d21870d4009524312e4c88b8a1efeb4c0a1ab290b4ca
SHA512

d2952f9415fe9a4b531a8d7b145ab783071271ef68657e58c50659c3632fd2d409ca897e076080d649c6b8d7d90e37be509ff84b9dab71e9a2b9d64730289a64
SSDEEP

24576:tpCiD7ow+oDYGNLkbFvegv7R2YSJGZ43b4B2T:H7ootkbte0R2Yfq3b4B2T

Score

N/A

Malware Config

Signatures

Files

2826ea881030abab73b5d21870d4009524312e4c88b8a1efeb4c0a1ab290b4ca
.exe windows x86

2b73140b6ccf7f5828cac2ebd37ee59a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
DuplicateHandle
PeekNamedPipe
GetEnvironmentVariableA
ResetEvent
FindFirstChangeNotificationA
DeleteFileA
OpenMutexA
CreateMutexA
DeviceIoControl
WaitForSingleObject
LoadLibraryA
SetTapePosition
VirtualProtect
lstrlenA
lstrcmpA
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
ReadFile
SetEndOfFile
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
CreateFileA
SetFilePointer
FlushFileBuffers
SetStdHandle
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
WriteFile
CloseHandle
GetLastError
GetStringTypeW
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapAlloc
HeapFree
GetCurrentProcess
ExitProcess
TerminateProcess

user32

TrackPopupMenu
CreateDialogIndirectParamA
GetForegroundWindow
DefWindowProcA
GetSysColorBrush
CreatePopupMenu
DialogBoxIndirectParamA
GetWindowRect
AppendMenuA
GetActiveWindow
IsDialogMessageA
PostMessageA
DrawFrameControl
SystemParametersInfoA
FrameRect
ClientToScreen
RegisterClassExA
GetWindowTextLengthA
GetClientRect
FillRect
GetWindowThreadProcessId

ole32

CoRegisterClassObject
CoRegisterSurrogate
CoInitialize
OleInitialize
OleSetContainedObject

ws2_32

WSACloseEvent
WSAWaitForMultipleEvents
WSASocketA
WSAGetOverlappedResult
WSACreateEvent
WSAConnect
recvfrom
send
ntohs
recv
htons
getservbyname
htonl

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 404KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 376KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b73140b6ccf7f5828cac2ebd37ee59a

Headers

File Characteristics

Imports

kernel32

user32

ole32

ws2_32

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 404KB - Virtual size: 404KB

.data Size: 376KB - Virtual size: 1.9MB

.tls Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 404KB - Virtual size: 404KB

.data
Size: 376KB - Virtual size: 1.9MB

.tls
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 3KB