21b1f0b4d9e9bf9b0ddbe4ed091f2f5994fa178b676a6e76ae29c19791158be6

Sharing

Copy URL

Twitter E-mail

General

Target

21b1f0b4d9e9bf9b0ddbe4ed091f2f5994fa178b676a6e76ae29c19791158be6
Size

496KB
MD5

7028d2a4520122598ab9cff574902b9b
SHA1

2522522282c0747a43aecf6cb5eca8ffc84822e8
SHA256

21b1f0b4d9e9bf9b0ddbe4ed091f2f5994fa178b676a6e76ae29c19791158be6
SHA512

11d3bc6f320c5ff96b81af84a2eaddb46d46388547c5d73bcfd7484df0f2c809ff7bb798a693d49b4042c1620f356fb929e32d42672c51862a18c143f0c9b122
SSDEEP

6144:Iis4S8Ok/0i5kMMQmgKE44+4C4sr4NGtJ6erDYRKp4uj4iy4mP4D4X4x4h4p7rvM:RJkk/BuMMvg+mI4PHw4U5luO+Z2j9dpi

Score

N/A

Malware Config

Signatures

Files

21b1f0b4d9e9bf9b0ddbe4ed091f2f5994fa178b676a6e76ae29c19791158be6
.exe windows x86

dd26f4d5c02480d982cff18e46988d14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSAStartup
WSACleanup

kernel32

GetLongPathNameA
GetModuleFileNameA
GetModuleHandleA
FreeLibrary
GetProcAddress
LoadLibraryA
WaitForSingleObject
GetLastError
CreateMutexA
GetCurrentDirectoryA
GetCommandLineA
CloseHandle
ReleaseMutex
HeapDestroy
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
CompareStringW
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
HeapFree
HeapAlloc
GetDriveTypeA
SetEnvironmentVariableA
SetCurrentDirectoryA
GetStartupInfoA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetEnvironmentVariableA
GetVersionExA
CompareStringA
HeapCreate
VirtualFree
VirtualAlloc
RtlUnwind
GetFullPathNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FlushFileBuffers
ReadFile
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
WriteFile
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
SetStdHandle
GetOEMCP
LCMapStringA
InterlockedDecrement
InterlockedIncrement
CreateFileA
SetFilePointer
GetTimeZoneInformation
GetCPInfo
GetACP
CreateProcessA
LCMapStringW
GetFileAttributesA
GetExitCodeProcess
SetEndOfFile

user32

FindWindowA
MessageBoxA
wsprintfA
PostMessageA

advapi32

RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey

Exports

Exports

CreateInterface

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 33.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 392KB - Virtual size: 392KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dd26f4d5c02480d982cff18e46988d14

Headers

File Characteristics

Imports

wsock32

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 33.0MB

.rsrc Size: 12KB - Virtual size: 8KB

.reloc Size: 24KB - Virtual size: 96KB

.text Size: 392KB - Virtual size: 392KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 33.0MB

.rsrc
Size: 12KB - Virtual size: 8KB

.reloc
Size: 24KB - Virtual size: 96KB

.text
Size: 392KB - Virtual size: 392KB