9f20d9b1ffc125c043b2d5b49879b2866804df87cf99eda619086abfe8bd42d8

Sharing

Copy URL Twitter E-mail

General

Target

9f20d9b1ffc125c043b2d5b49879b2866804df87cf99eda619086abfe8bd42d8
Size

152KB
MD5

77652dc8d92da4ce8354861f14ed5370
SHA1

6a2556d18332920d62d299a070cb981b5b7502e1
SHA256

9f20d9b1ffc125c043b2d5b49879b2866804df87cf99eda619086abfe8bd42d8
SHA512

976431cdf02b50ed65f358a1dd7d9ad7f497d683fef59f5c77844a0123636002312703b5d2447fb73e395278bec96fbeac15590b16d2600654c8649fdb49d226
SSDEEP

3072:z4AZVwLbmRxdxCAKh2Xviawxkhjo8wXfyqb66PDsn8uwLZI:zNiSrdNiTawujd0ywu8uwLy

Score

N/A

Malware Config

Signatures

Files

9f20d9b1ffc125c043b2d5b49879b2866804df87cf99eda619086abfe8bd42d8
.exe windows x86

81b8f776ca68791c7c7506087f8facfd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
CreateDirectoryA
GetTempPathA
GetLongPathNameA
GetSystemDirectoryA
GetFileAttributesA
UnmapViewOfFile
GetCurrentProcessId
MapViewOfFile
GetLastError
CreateFileMappingA
CloseHandle
GetFileSize
CreateFileA
OutputDebugStringA
LocalFree
FormatMessageA
LoadLibraryA
GetProcAddress
Sleep
GetTickCount
HeapFree
HeapAlloc
GetProcessHeap
lstrlenA
SetLastError
InitializeCriticalSection
DeleteCriticalSection
CreateThread
LeaveCriticalSection
EnterCriticalSection
CreateProcessA
CopyFileA
GetModuleFileNameA
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
OpenProcess
GetEnvironmentVariableA
SetEnvironmentVariableA
QueryPerformanceCounter
GetCommandLineA
SetCurrentDirectoryA
ReadFile
GetLocalTime
CompareStringW
CompareStringA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
WaitForSingleObject
GetExitCodeProcess
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
IsBadCodePtr
IsBadReadPtr
GlobalFree
GlobalAlloc
SetStdHandle
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetFilePointer
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
FlushFileBuffers
SetUnhandledExceptionFilter
WriteFile
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
HeapSize
HeapReAlloc
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetVersion
GetStartupInfoA
GetCurrentProcess
TerminateProcess
ExitProcess
GetSystemTime
GetTimeZoneInformation
RaiseException
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindNextFileA
FindFirstFileA

user32

TranslateAcceleratorA
TranslateMessage
DispatchMessageA
FindWindowExA
GetMessageA
KillTimer
SetTimer
GetClassNameA
LoadCursorA
LoadAcceleratorsA
GetWindowThreadProcessId
CreateWindowExA
UnregisterClassA
DefWindowProcA
CallWindowProcA
PostQuitMessage
SendMessageA
DestroyWindow
PostMessageA
RegisterClassExA

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor

ws2_32

htonl
send
inet_ntoa
htons
recv
inet_addr
recvfrom
sendto
WSAStartup
socket
setsockopt
WSAGetLastError
closesocket
WSACleanup
WSAAsyncSelect
ntohl
ntohs
listen
accept
gethostbyname
bind
__WSAFDIsSet
select
connect
ioctlsocket
shutdown
WSARecvFrom

iphlpapi

GetAdaptersInfo
CreateIpNetEntry
GetBestRoute
GetPerAdapterInfo
GetIpAddrTable

shlwapi

UrlUnescapeA

wininet

InternetCanonicalizeUrlA
InternetGetConnectedState
InternetCrackUrlA

Sections

.text
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81b8f776ca68791c7c7506087f8facfd

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

iphlpapi

shlwapi

wininet

Sections

.text Size: 100KB - Virtual size: 97KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 32KB - Virtual size: 50KB

.rsrc Size: 4KB - Virtual size: 816B

.text
Size: 100KB - Virtual size: 97KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 32KB - Virtual size: 50KB

.rsrc
Size: 4KB - Virtual size: 816B