Static task
static1
Behavioral task
behavioral1
Sample
c21bd08888f6b3bc33a36e4a36020d25ecf00c1cc81f6e3069c42ec5a0f7af95.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
c21bd08888f6b3bc33a36e4a36020d25ecf00c1cc81f6e3069c42ec5a0f7af95.exe
Resource
win10v2004-20220812-en
General
-
Target
c21bd08888f6b3bc33a36e4a36020d25ecf00c1cc81f6e3069c42ec5a0f7af95
-
Size
15KB
-
MD5
64feac7ec8a8813fff3a6247e677d603
-
SHA1
879735df760a054e39b59fa04cfadab3026a1c14
-
SHA256
c21bd08888f6b3bc33a36e4a36020d25ecf00c1cc81f6e3069c42ec5a0f7af95
-
SHA512
fef31b2211fb668b37961ac2c99f113ba82edaf2dba2029bafb057bb725b6ecc7df596217697f5784649d4358c96ec3de5a58b04d79f5ac8b93a98181cfd30b8
-
SSDEEP
192:STAWKVNikNtE0YfBQzCVvSzP8xNaXgVjkequPSvoJR3LY23Gae4Li1oynfjrQlR7:S8WfkNVYfzk87awIuKvCKene4Li1w0p4
Malware Config
Signatures
Files
-
c21bd08888f6b3bc33a36e4a36020d25ecf00c1cc81f6e3069c42ec5a0f7af95.exe windows x86
141d0b217bae7582a924a9861e9d3c07
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateMutexA
SetFileAttributesW
CopyFileW
GetModuleFileNameW
CreateProcessA
GetVersionExA
GetSystemInfo
CreateThread
GetTickCount
WriteFile
GetModuleFileNameA
GetTempPathA
GetStartupInfoA
GetModuleHandleA
Sleep
LocalAlloc
CreateFileA
GetFileSize
ReadFile
LocalFree
GetLastError
GetCurrentProcess
CloseHandle
user32
wsprintfA
SendMessageA
FindWindowExA
advapi32
EqualSid
FreeSid
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetTokenInformation
OpenProcessToken
AllocateAndInitializeSid
shell32
ShellExecuteW
SHGetSpecialFolderPathW
ShellExecuteA
msvcrt
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
memset
__CxxFrameHandler
strlen
sprintf
memcpy
strcpy
strcat
_mbsnbcpy
_mbsnbcmp
atol
_mbscmp
??2@YAPAXI@Z (MSVC-mangled name of operator new(unsigned int))
atoi
fclose
fwrite
fopen
strstr
wcscmp
wcscat
mbstowcs
getenv
strcmp
time
strrchr
free
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
_strnicmp
secur32
GetUserNameExA
wininet
HttpAddRequestHeadersA
HttpOpenRequestA
HttpSendRequestA
InternetCloseHandle
HttpSendRequestExA
InternetReadFile
HttpQueryInfoA
InternetOpenA
InternetConnectA
InternetAttemptConnect
InternetWriteFile
HttpEndRequestA
ws2_32
gethostbyname
inet_ntoa
WSAStartup
gethostname
Sections
.text Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
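.data Size: 1KB - Virtual size: 3.8MB (the virtual size far exceeds the 1KB stored on disk; the loader zero-fills the remainder, so most of this writable section exists only in memory after loading, not in the file)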
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE