95c661ff30ac401626a4124c373a2008cae41f5aeecfa738afd01224006e752c

Sharing

Copy URL

Twitter E-mail

General

Target

95c661ff30ac401626a4124c373a2008cae41f5aeecfa738afd01224006e752c
Size

17KB
MD5

71362ccf15f9f4f2259578bdbe2cb7a0
SHA1

04d504e6bedaf2cc26e170aec9f88e27094e6511
SHA256

95c661ff30ac401626a4124c373a2008cae41f5aeecfa738afd01224006e752c
SHA512

46527b8491c62d607f80ea567dd9a61655034dfd387ddd296221b5d945dc4137cb136e434d1e77a036471af6ddd410deb991b95f31b54a1060f532ece84c8a06
SSDEEP

384:nK1LT1AUlZOfG0YFSJfzQYht3cJ8kvre54cZ4XYsiWZf:KEgZOflJ5zQYbMOkzeGcqXYsNf

Score

N/A

Malware Config

Signatures

Files

95c661ff30ac401626a4124c373a2008cae41f5aeecfa738afd01224006e752c
.exe windows x86

b14f6268f7818fcc0e55cea90d6e13b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
Sleep
TerminateProcess
InitializeCriticalSection
ExitProcess
MoveFileA
GetModuleFileNameA
DeleteFileA
lstrcatA
GlobalMemoryStatusEx
QueryPerformanceCounter
QueryPerformanceFrequency
SetThreadPriority
SetPriorityClass
GetThreadPriority
GetCurrentThread
GetPriorityClass
GetCurrentProcess
lstrcpynA
EnterCriticalSection
GetVersionExA
lstrcpyW
GetTempPathA
CopyFileA
GetSystemDirectoryA
FreeResource
SizeofResource
LoadResource
FindResourceA
CreateFileA
Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
GetLastError
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
OpenProcess
GetCurrentProcessId
GetTickCount
TerminateThread
ExitThread
lstrcpyA
WriteFile
PeekNamedPipe
SleepEx
ReadFile
lstrlenA
ExpandEnvironmentStringsA
GetFileAttributesA
CreatePipe
GetStartupInfoA
CreateProcessA
CreateThread
LeaveCriticalSection
CloseHandle

user32

ExitWindowsEx
wsprintfA

advapi32

StartServiceCtrlDispatcherA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyA
RegisterServiceCtrlHandlerA
SetServiceStatus
CloseServiceHandle
DeleteService
OpenServiceA
OpenSCManagerA
StartServiceA
RegSetValueExA
CreateServiceA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey

msvcrt

_except_handler3
memset
??2@YAPAXI@Z
memcpy
rand
srand
time
atoi
wcstombs
__CxxFrameHandler
??3@YAXPAX@Z

ws2_32

gethostbyname
inet_ntoa
WSAStartup
htonl
WSASocketA
socket
sendto
recv
send
htons
gethostname
inet_addr
connect
closesocket
setsockopt

wininet

InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
HttpEndRequestA
InternetCloseHandle
InternetOpenUrlA

netapi32

NetUserAdd
NetLocalGroupAddMembers

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b14f6268f7818fcc0e55cea90d6e13b4

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

ws2_32

wininet

netapi32

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB