e936df547c8c789c05784a406b9b8b514e5b68dba8d19a34ca69e22be6905c24[.]7z

Sharing

Copy URL Twitter E-mail

General

Target

e936df547c8c789c05784a406b9b8b514e5b68dba8d19a34ca69e22be6905c24.7z
Size

230KB
MD5

ace1691717e153bef5a441efc2eda8b2
SHA1

ccb8280b28a8cdab69a568c9c65f0d1146ba2c47
SHA256

6f77d70403bb4e443877235add9249ab39bc16aa5ab982b073f649c73c1c9a0f
SHA512

152afca921864c5ee704356c8d7c6bb9bbf492dd22b482f0a107f83bd9580f274fa55d22b73b4f20ae6d71ccc833aa315a7112f9a430ab0bca144ce0e603ddb2
SSDEEP

3072:HdOTqoNJsmHhO+C/S4tIsFgBPGCYVoKn4NLU64KkWht253P11ECN3tUqr/ok8vor:9XoNJfh6/LSA58LUdKkWmt5hRaG+d5W

Score

N/A

Malware Config

Signatures

Files

e936df547c8c789c05784a406b9b8b514e5b68dba8d19a34ca69e22be6905c24.7z
.7z .ps1

Password: infected
e936df547c8c789c05784a406b9b8b514e5b68dba8d19a34ca69e22be6905c24
.dll windows x86

Password: infected

7ba9a7ab1962b4e9590266b8d2ff65e7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

connect
WSAStartup
inet_addr
WSAGetLastError
htons
shutdown
WSACleanup
recv
socket
closesocket
send
WSAAsyncSelect

kernel32

OutputDebugStringW
LoadLibraryExW
CreateFileA
GetFileSize
GlobalLock
IsBadReadPtr
WriteFile
GlobalAlloc
Sleep
LeaveCriticalSection
GetFileAttributesA
ReadFile
GlobalUnlock
GetLastError
EnterCriticalSection
CloseHandle
SetCurrentDirectoryA
GetCurrentDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDefaultUILanguage
GetSystemDefaultLCID
CopyFileA
VirtualProtect
GetUserDefaultUILanguage
DeleteFileA
OpenProcess
FindFirstFileA
FindClose
FindNextFileA
HeapReAlloc
CreateDirectoryA
SetFilePointer
LCMapStringW
CompareStringW
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetModuleFileNameA
DeleteCriticalSection
GetFileType
RtlUnwind
GetTimeZoneInformation
RaiseException
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetConsoleCP
GetConsoleMode
SetFilePointerEx
SetStdHandle
FlushFileBuffers
WriteConsoleW
ReadConsoleW
SetEndOfFile
CreateFileW
SetEnvironmentVariableA
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapFree
HeapAlloc
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
GetCommandLineA
GetCurrentThreadId
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
MultiByteToWideChar
GetProcessHeap
ExitProcess
GetModuleHandleExW
AreFileApisANSI
WideCharToMultiByte
GetStdHandle
GetModuleFileNameW
HeapSize

user32

DrawTextA
GetClassNameA
EnumWindows
GetWindowThreadProcessId
SetTimer
KillTimer
ClientToScreen
DestroyWindow
CloseClipboard
ToAscii
GetKeyState
IsClipboardFormatAvailable
EnumDisplaySettingsA
GetKeyboardState
OffsetRect
MapVirtualKeyA
GetClipboardData
EmptyClipboard
ClipCursor
OpenClipboard
SetClipboardData
MessageBoxA

gdi32

CreateDIBSection
CreateFontA
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
AddFontResourceExA
SetTextColor

advapi32

RegQueryValueExA

shlwapi

StrToIntA

psapi

GetModuleFileNameExA
EnumProcessModules
EnumProcesses

Exports

Exports

Start
_Start@0

Sections

.text
Size: 565KB - Virtual size: 564KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

7ba9a7ab1962b4e9590266b8d2ff65e7

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

advapi32

shlwapi

psapi

Exports

Exports

Sections

.text Size: 565KB - Virtual size: 564KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 6KB - Virtual size: 90KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 30KB - Virtual size: 30KB

.text
Size: 565KB - Virtual size: 564KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 6KB - Virtual size: 90KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 30KB - Virtual size: 30KB