0e5d69f3ae72233ccfb8ce946f9413f9664580c7706a2a1e680898d3d44639f7

Sharing

Copy URL Twitter E-mail

General

Target

0e5d69f3ae72233ccfb8ce946f9413f9664580c7706a2a1e680898d3d44639f7
Size

96KB
MD5

6650426e8a67bd1a20dbe85aabfb5088
SHA1

1ce1b4356d85a8a7dd3bbbff845ccd9314b57ceb
SHA256

0e5d69f3ae72233ccfb8ce946f9413f9664580c7706a2a1e680898d3d44639f7
SHA512

8e281bdbcbfc89d9b7e55acef54b9049c86193a753269b0860bf611d37b3dcdfbd958d2946ba68fb752c0e8364a4368f947ba40a1b21ba9a4e4e3e1b168562e2
SSDEEP

1536:uOGKjael9lj91MyqhfRYElR16o4gh0tgREwWyHPxQlqxYlHTxD:KJ8H93qhfR0ghdEryHP1xYlzx

Score

N/A

Malware Config

Signatures

Files

0e5d69f3ae72233ccfb8ce946f9413f9664580c7706a2a1e680898d3d44639f7
.exe windows x86

5038c5538c85b4c85230c9d600f7ece5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

gethostbyname
gethostbyaddr
connect
WSAStartup
socket
htonl
htons
bind
listen
accept
getpeername
inet_ntoa
recv
send
inet_addr
shutdown
closesocket

shlwapi

StrToIntA
StrStrA
StrToIntExA

comctl32

CreateToolbarEx
PropertySheetA
InitCommonControlsEx

kernel32

VirtualProtect
GetStringTypeW
GetStringTypeA
LCMapStringW
GetSystemInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
VirtualQuery
SetStdHandle
MultiByteToWideChar
FlushFileBuffers
lstrcmpA
lstrlenA
WritePrivateProfileStringA
lstrcpyA
ExitProcess
TerminateProcess
CloseHandle
GetModuleHandleA
lstrcpynA
CreateProcessA
DuplicateHandle
GetCurrentProcess
ExitThread
Sleep
ReadFile
PeekNamedPipe
WriteFile
CopyFileA
lstrcatA
CreatePipe
DisconnectNamedPipe
WaitForMultipleObjects
TerminateThread
CreateFileA
GetPrivateProfileStringA
lstrcmpiA
GetWindowsDirectoryA
FreeLibrary
GetCurrentProcessId
GetProcAddress
LoadLibraryA
GetVersionExA
GetModuleFileNameA
SetEvent
WaitForSingleObject
CreateEventA
GetLocalTime
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
LCMapStringA
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
SetFilePointer
HeapSize
GetCPInfo
GetOEMCP
GetACP
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetCommandLineA
GetStartupInfoA
DeleteFileA
GetLastError
HeapAlloc
HeapFree
RtlUnwind
InterlockedExchange
GetLocaleInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
CreateThread
SetEndOfFile

user32

PostMessageA
CreateWindowExA
ShowWindow
CreateDialogParamA
GetClientRect
LoadStringA
SetWindowTextA
LoadIconA
SetClassLongA
GetWindowRect
SetWindowLongA
GetWindowLongA
GetMessageA
IsWindow
EndDialog
TranslateMessage
DispatchMessageA
MoveWindow
BeginPaint
EndPaint
GetParent
GetDlgItemTextA
SetTimer
KillTimer
MessageBoxA
SetDlgItemTextA
GetDlgItem
SendMessageA
EnableWindow
DialogBoxParamA
ExitWindowsEx
IsDialogMessageA
IsWindowEnabled

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5038c5538c85b4c85230c9d600f7ece5

Headers

File Characteristics

Imports

ws2_32

shlwapi

comctl32

kernel32

user32

advapi32

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 12KB - Virtual size: 8KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 12KB - Virtual size: 8KB