afb5c34beaa2044d6de084fb537b29ec2f50e084e4486f544e749482afef0ea8

Sharing

Copy URL Twitter E-mail

General

Target

afb5c34beaa2044d6de084fb537b29ec2f50e084e4486f544e749482afef0ea8
Size

68KB
MD5

6716995e65f8d137528a3cbdf930faa0
SHA1

e4adbb12b9cf82278cf79d81f4bf72baaa92f96b
SHA256

afb5c34beaa2044d6de084fb537b29ec2f50e084e4486f544e749482afef0ea8
SHA512

427c46829ff8130ba8141d0a33d40b5dba1ee1c1286866499ec87ab9d336c2b6c43a0d982daadcbfdc1051cd16ee4d3020ec2ed69fbfdc73938ad34c947a5194
SSDEEP

768:zHIRfXCdXlieoqEFAb9DTGbJMGca6/hF0PZYfsmI5Vz5m6p+RfUIaxPj:zQCBlieoqfhfGXc70afsmqVN+Bk

Score

N/A

Malware Config

Signatures

Files

afb5c34beaa2044d6de084fb537b29ec2f50e084e4486f544e749482afef0ea8
.exe windows x86

9540fba4f22e49acdd6c5b295278286c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
SetErrorMode
CreateMutexA
CopyFileA
GetModuleFileNameA
GetSystemTime
GetCurrentThreadId
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
WriteFile
ReadFile
GetFileSize
CreateFileA
OpenEventA
GlobalMemoryStatus
CreatePipe
DisconnectNamedPipe
TerminateProcess
LocalFree
LocalAlloc
PeekNamedPipe
WaitForMultipleObjects
GetCurrentProcess
lstrcmpiA
GetModuleHandleA
GetSystemDirectoryA
GetSystemInfo
lstrcatA
DeleteFileA
MoveFileA
CreateToolhelp32Snapshot
Process32First
Process32Next
TerminateThread
lstrcpyA
GetVersionExA
lstrlenA
InitializeCriticalSection
WinExec
CreateProcessA
GetFileAttributesA
GetLastError
Sleep
CancelIo
InterlockedExchange
SetEvent
ResetEvent
WaitForSingleObject
CloseHandle
CreateEventA
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
VirtualFree
DeleteCriticalSection
GetStartupInfoA

user32

OpenWindowStationA
GetProcessWindowStation
GetMessageA
PostThreadMessageA
GetInputState
SetProcessWindowStation
SetThreadDesktop
OpenInputDesktop
GetUserObjectInformationA
GetThreadDesktop
OpenDesktopA
ExitWindowsEx
wsprintfA
CloseDesktop
EnumWindows
GetWindowTextA
IsWindowVisible

advapi32

DeleteService
RegCreateKeyExA
RegSetValueExA
RegCloseKey
OpenSCManagerA
OpenServiceA
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExA
RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyA
SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
StartServiceA
CreateServiceA

msvcrt

_adjust_fdiv
_strupr
_strnicmp
_controlfp
__set_app_type
__p__fmode
__p__commode
_strcmpi
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
??3@YAXPAX@Z
memcpy
memmove
ceil
_ftol
strlen
strstr
__CxxFrameHandler
memset
??2@YAPAXI@Z
memcmp
_CxxThrowException
strrchr
malloc
atoi
strcat
free
strcpy
strchr
exit
_except_handler3
strncat
_beginthreadex
calloc
??1type_info@@UAE@XZ

ws2_32

recv
gethostname
WSAStartup
getsockname
send
closesocket
select
socket
gethostbyname
htons
connect
setsockopt
WSACleanup
WSAIoctl

urlmon

URLDownloadToFileA

wininet

InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetOpenA

avicap32

capGetDriverDescriptionA

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9540fba4f22e49acdd6c5b295278286c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

ws2_32

urlmon

wininet

avicap32

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 2KB