4a37d36bcba261b1775c7e67a52f97dd231848fe2686eeeb3b2146aaf8c21d61

Sharing

Copy URL Twitter E-mail

General

Target

4a37d36bcba261b1775c7e67a52f97dd231848fe2686eeeb3b2146aaf8c21d61
Size

147KB
MD5

72db0e4f107bb2f9a3efcebfae096ea0
SHA1

1010a1ee3ad0efcb8975d345a65f78e76db2ed08
SHA256

4a37d36bcba261b1775c7e67a52f97dd231848fe2686eeeb3b2146aaf8c21d61
SHA512

5a3bce1fa90e574d84433ca9662c72f9a7dec65b15728b5f52a63f86923a858ff999eabe2d7293c1023ecbf01f8d0cc366e6715e21871227244741ec9081df38
SSDEEP

3072:eB1c771+SH6EU36LzybGQhbzlEUKKKKKK/9a9M3K85r:/a4qbGQvEUKKKKKK/9a9MaW

Score

N/A

Malware Config

Signatures

Files

4a37d36bcba261b1775c7e67a52f97dd231848fe2686eeeb3b2146aaf8c21d61
.exe windows x86

33a11bd9f3b3e0d6687b6d950e9c8122

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
lstrcpyA
GetLastError
CreateMutexA
MoveFileA
RemoveDirectoryA
DeleteFileA
CreateDirectoryA
lstrlenA
GetCommandLineA
GetModuleFileNameA
Sleep
GetLocalTime
GetTickCount
ExpandEnvironmentStringsA
GetFileAttributesExA
CreateThread
WaitForSingleObject
TerminateThread
CloseHandle
GetTempPathA
WriteFile
ReadFile
GetProcessHeap
SetEndOfFile
LoadLibraryA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
SetFilePointer
HeapReAlloc
VirtualAlloc
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetStartupInfoA
HeapFree
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
MultiByteToWideChar
LCMapStringW
HeapAlloc
HeapSize
ExitProcess
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime

user32

GetParent
wsprintfA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyA

ole32

CoInitialize

shell32

ShellExecuteA

shlwapi

PathGetArgsA
PathFileExistsA
PathIsDirectoryA
PathRemoveBlanksA
PathFindFileNameA

ws2_32

closesocket
__WSAFDIsSet
select
ioctlsocket
htons
socket
gethostbyname
send
connect
recv
WSAStartup

netapi32

Netbios

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

33a11bd9f3b3e0d6687b6d950e9c8122

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

shell32

shlwapi

ws2_32

netapi32

Sections

.text Size: 100KB - Virtual size: 100KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 8KB - Virtual size: 24KB

.data Size: 2KB - Virtual size: 4KB

.text
Size: 100KB - Virtual size: 100KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 8KB - Virtual size: 24KB

.data
Size: 2KB - Virtual size: 4KB