337b875f26e719ce0dbe0f052d886df9c3e0dec4c8f19f1fb737e24fe9ae2473

Sharing

Copy URL Twitter E-mail

General

Target

337b875f26e719ce0dbe0f052d886df9c3e0dec4c8f19f1fb737e24fe9ae2473
Size

65KB
MD5

447a8aec0f9e3f8b1fd01d15c7969740
SHA1

8c0a99299645a118450ec5bd4b7ac2a6b8c9e14e
SHA256

337b875f26e719ce0dbe0f052d886df9c3e0dec4c8f19f1fb737e24fe9ae2473
SHA512

9a9e3761b7826bd132d600203b55559426d7c114154d44efa4548704c414afb4efb6abb590b93b89087649a2493d53bef0f8a8bae96baadf1022a3277c1fb008
SSDEEP

768:P47/+2+/dNy+f2VzUfi4uqD45ykhX6LIm8bcfDDt2Qd30LNIg4BGDwUpf2ZZU5DN:q14uqDQ/X6IIwq30M0kUOOhICBdm0T

Score

N/A

Malware Config

Signatures

Files

337b875f26e719ce0dbe0f052d886df9c3e0dec4c8f19f1fb737e24fe9ae2473
.exe windows x86

07685244641bb2757738adc256385a11

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_strcmpi
wcslen
??3@YAXPAX@Z
_onexit
__dllonexit
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
??1type_info@@UAE@XZ
_beginthreadex
strncmp
rand
atoi
_CxxThrowException
strchr
strncat
free
realloc
exit
_iob
malloc
strrchr
strncpy
_except_handler3
??2@YAPAXI@Z
__CxxFrameHandler
strstr
_ftol
ceil
memmove
_strnicmp

kernel32

CloseHandle
WaitForSingleObject
ResetEvent
lstrcpyA
LoadLibraryA
CancelIo
Sleep
GetModuleFileNameA
GetLastError
DeleteFileA
lstrlenA
LocalFree
lstrcatA
GetCurrentProcess
TerminateThread
MoveFileA
GetTempPathA
GetSystemDirectoryA
HeapAlloc
VirtualProtect
FreeLibrary
DeviceIoControl
GlobalMemoryStatus
GetSystemInfo
InterlockedDecrement
MultiByteToWideChar
CreateMutexA
CreateProcessA
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetEnvironmentVariableA
GetShortPathNameA
CreateDirectoryA
SetFileAttributesA
DefineDosDeviceA
lstrcmpiA
GetCurrentThreadId
GetModuleHandleA
GetStartupInfoA
LocalAlloc
GetProcAddress
WideCharToMultiByte
LeaveCriticalSection
VirtualFree
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
RaiseException

user32

OpenInputDesktop
SetThreadDesktop
CloseDesktop
ExitWindowsEx
wsprintfA
GetThreadDesktop
OpenDesktopA
GetUserObjectInformationA
EnumWindows

advapi32

UnlockServiceDatabase
RegisterServiceCtrlHandlerA
SetServiceStatus
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenEventLogA
ClearEventLogA
CloseEventLog
StartServiceA
RegOpenKeyExA
ChangeServiceConfig2A
RegOpenKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey
OpenServiceA
LockServiceDatabase
CloseServiceHandle
DeleteService

ws2_32

socket
getsockname
gethostname
send
select
recv
ntohs
closesocket
WSAStartup
WSACleanup
setsockopt
connect
gethostbyname
htons

iphlpapi

GetIfTable

oleaut32

SysFreeString
SysAllocString
GetErrorInfo
VariantClear

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

07685244641bb2757738adc256385a11

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

ws2_32

iphlpapi

oleaut32

Sections

.text Size: 55KB - Virtual size: 55KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 3KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 55KB - Virtual size: 55KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB