63752418827661061b9a343af88f3e45a1fe6a9a5a5c49a4def8cbd0d8b28a90

General

Target

63752418827661061b9a343af88f3e45a1fe6a9a5a5c49a4def8cbd0d8b28a90
Size

22KB
MD5

711cf1592d12fdba56666ac05e7a8390
SHA1

21950bd95953a3befc686e511f8ec618ee3207a4
SHA256

63752418827661061b9a343af88f3e45a1fe6a9a5a5c49a4def8cbd0d8b28a90
SHA512

f30b5a086092c52a051b924c230795dd0fecedc51f1f5c6d7d05d860a3d78df42502a477074f2c9fcc549f6569f02ac870228d977ccf54c0d06aeb19b07c3882
SSDEEP

384:5Tu6hmKci2bZapnMD1yt/6Ekp/UjWqwQQQss9jYE0W:NiKXkZxpyt/6EuntQQ

Score

N/A

Malware Config

Signatures

Files

63752418827661061b9a343af88f3e45a1fe6a9a5a5c49a4def8cbd0d8b28a90
.exe windows x86

fe39a819015344a6f0918307dacbae54

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSASocketA
setsockopt
htonl
sendto
inet_addr
gethostbyname
recv
WSACleanup
WSAGetLastError
closesocket
WSAStartup
socket
htons
connect
send
WSAAsyncSelect

kernel32

GetCommandLineA
GetModuleHandleA
GetStartupInfoA
GetProcessHeap
HeapAlloc
GetCurrentProcessId
SetFileAttributesA
GlobalMemoryStatus
GetProcAddress
LoadLibraryA
FreeLibrary
LocalFree
MapViewOfFile
CloseHandle
UnmapViewOfFile
GetCurrentProcess
GetVersionExA
GetTickCount
Process32Next
Process32First
CreateToolhelp32Snapshot
SetPriorityClass
GetLastError
CreateMutexA
ExitProcess
WinExec
CopyFileA
DeleteFileA
GetModuleFileNameA
CreateDirectoryA
GetWindowsDirectoryA
GetSystemDirectoryA
ResumeThread
CreateThread
Sleep
WriteFile
CreateFileA
lstrcatA
lstrcpyA
MoveFileExA
GetComputerNameA

user32

wsprintfA
DefWindowProcA
ExitWindowsEx
PostQuitMessage
RegisterClassA
CreateWindowExA
ShowWindow
UpdateWindow
SendMessageA
GetMessageA
TranslateMessage
DispatchMessageA

advapi32

SetEntriesInAclA
SetSecurityInfo
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetSecurityInfo

msvcp60

??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ

msvcrt

fclose
_stricmp
strstr
rand
printf
__CxxFrameHandler
strcspn
strncpy
_itoa
fprintf
fopen
sprintf
malloc
_strlwr
atoi

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fe39a819015344a6f0918307dacbae54

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

advapi32

msvcp60

msvcrt

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 1KB - Virtual size: 2KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 1KB - Virtual size: 2KB