1662da6d9107b597257c89803d57d8bc5110ba8c43f63e45c36859d16900455a

General

Target

1662da6d9107b597257c89803d57d8bc5110ba8c43f63e45c36859d16900455a
Size

34KB
MD5

774794d0ddfc93be44b1a67d4a4f6730
SHA1

3364297c90bb62d1c66eaf7f6cc3f077953cd2f6
SHA256

1662da6d9107b597257c89803d57d8bc5110ba8c43f63e45c36859d16900455a
SHA512

8c4e05a5b9f63fb6c0c6582ebdd7cb3adb72e9f17abc1bf97b6575c1d1ccfbd5d5b482a85cf0dedfa22b03e7e2849f582ac7258c776e3f1f5367d19c7e09e4e9
SSDEEP

384:6vGwXiN4Xk5tA1uNdungJs8tTYXGS2KbmK2RUb+z8OZTNYLYGiBW/97v1:qGwX4d2kNdS8BYXGS2amKck+FZTNYsW7

Score

N/A

Malware Config

Signatures

Files

1662da6d9107b597257c89803d57d8bc5110ba8c43f63e45c36859d16900455a
.exe windows x86

b1dff8659aade8583161c09fc4fa6690

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCloseHandle
InternetOpenUrlW
InternetReadFile
InternetOpenW
InternetGetConnectedState
HttpQueryInfoW

msvcrt

wcsncpy
wcsstr
__CxxFrameHandler
sprintf
_wtoi
wcsrchr
atoi
strstr
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
__p___winitenv
exit
_XcptFilter
_exit
sscanf
wcscmp
swprintf
_beginthreadex
??2@YAPAXI@Z
??3@YAXPAX@Z
wcslen

shlwapi

StrCmpIW
StrCatW
StrCpyW
StrCmpW
StrChrA
StrCmpNA
StrCpyNW

advapi32

RegSetValueExW
RegCloseKey
RegOpenKeyW
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
OpenSCManagerW
CloseServiceHandle
OpenServiceW
ControlService
CreateServiceW
DeleteService
StartServiceCtrlDispatcherW
StartServiceW
ChangeServiceConfig2W
RegisterServiceCtrlHandlerW
SetServiceStatus
QueryServiceStatus
RegDeleteKeyW

ws2_32

inet_ntoa
inet_addr
sendto
socket
htonl
htons
bind
closesocket
recvfrom
WSACleanup
WSAStartup
setsockopt

kernel32

CloseHandle
WriteFile
MultiByteToWideChar
CreateFileW
CopyFileW
GetModuleFileNameW
GetVersionExW
DeleteFileW
GetPrivateProfileStringW
ReadFile
GetFileSize
lstrcpyA
InterlockedDecrement
InterlockedIncrement
lstrlenA
Sleep
GetModuleFileNameA
GetLastError
LocalFree
WinExec

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b1dff8659aade8583161c09fc4fa6690

Headers

File Characteristics

Imports

wininet

msvcrt

shlwapi

advapi32

ws2_32

kernel32

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 912B

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 912B