1c4d8b2f27d95108657145a88eb08d79a75ec5b67704148500c848acf31a261b

General

Target

1c4d8b2f27d95108657145a88eb08d79a75ec5b67704148500c848acf31a261b
Size

76KB
MD5

6781b778edd4b155701d305288d86a9e
SHA1

12337ba8cf38e2292de5d150d40631a193e8028e
SHA256

1c4d8b2f27d95108657145a88eb08d79a75ec5b67704148500c848acf31a261b
SHA512

83370c7f72ca423469b97ece443cc518e5731f3e5b01a6fafeeac54fb70c4ffe04a7d43685fae67bc87dc5f0e385e4d4fcc20041ded378b6b561b2a81bf27bb3
SSDEEP

768:c29FVFXJosygn0mywrLCg7pF896EoFJQjWXlxEuhJ4uHFjsErsGFwXVvPNo3:L9FjXJv0mxr9pF8dwlCufHNsErrmu

Score

N/A

Malware Config

Signatures

Files

1c4d8b2f27d95108657145a88eb08d79a75ec5b67704148500c848acf31a261b
.exe windows x86

a8aa56bebb0267130f92d574984e0da8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

closesocket
WSAStartup
bind
listen
accept
inet_addr
gethostbyname
socket
setsockopt
htons
recv
connect
WSAGetLastError
shutdown
select
__WSAFDIsSet
send
inet_ntoa

kernel32

DeleteCriticalSection
GetCommandLineA
GlobalAlloc
CreateMutexA
CopyFileA
InitializeCriticalSection
CreateThread
ExitThread
Sleep
WaitForSingleObject
GetCurrentProcess
GetProcessHeap
GetTickCount
GetVersion
TerminateThread
GetLastError
GetCurrentThread
GetCurrentProcessId
GetCurrentThreadId

advapi32

RegCloseKey
RegCreateKeyExA
RegEnumValueA
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA

msvcrt

strlen
strcat
rand
realloc
atoi
strchr
strstr
strcpy
_snprintf
free
gmtime
malloc
_time64
_spawnl
sscanf
strncpy
srand
strtok
strrchr
sprintf
exit
_fullpath
_execl
fwrite
fclose
fread
_filelength
fopen
strncmp
isdigit
_strrev

Exports

Exports

time

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a8aa56bebb0267130f92d574984e0da8

Headers

DLL Characteristics

File Characteristics

Imports

wsock32

kernel32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 24KB - Virtual size: 24KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 24KB - Virtual size: 24KB