7963989b2b66fb2339830622d44da86bb46b8e21fe0e71c2afe85d5a698d8953

Sharing

Copy URL Twitter E-mail

General

Target

7963989b2b66fb2339830622d44da86bb46b8e21fe0e71c2afe85d5a698d8953
Size

847KB
MD5

76c167d239584b0d6731516660c98971
SHA1

383ab9b24ad37ce62bc40e5a94d51120581dfdfe
SHA256

7963989b2b66fb2339830622d44da86bb46b8e21fe0e71c2afe85d5a698d8953
SHA512

ce35a8588449874e787e424db108c59ae796712361156d117a39bc6b4e6aab1eefbbbaaa4d8c9c16ee42d97b994ff08200bde563b83d0bac799f6e964be1b22e
SSDEEP

24576:sUnDzRPxWEgS9jsNjC/6fDzJQZhRnJ/N5pPU3T:sUP7gSVsNT4nv5p

Score

N/A

Malware Config

Signatures

Files

7963989b2b66fb2339830622d44da86bb46b8e21fe0e71c2afe85d5a698d8953
.exe windows x86

7c89e1b8b1544a7bf21141264f09bc52

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetIpAddrTable
InternalDeleteIpNetEntry
GetIfTable
NhpAllocateAndGetInterfaceInfoFromStack
GetIpStatisticsEx
DeleteIpForwardEntry
_PfRemoveFiltersFromInterface@20
SetTcpEntry
FlushIpNetTable
GetAdaptersAddresses
GetTcpStatisticsEx
SetAdapterIpAddress
DisableMediaSense
GetUdpStatisticsEx
_PfTestPacket@20
NhGetInterfaceNameFromGuid
AllocateAndGetIpAddrTableFromStack
InternalGetIpForwardTable
InternalSetIpStats
GetAdapterIndex
InternalSetTcpEntry
DeleteProxyArpEntry
InternalGetIfTable

msvcrt

_adj_fdiv_m16i
__p___wargv
_wspawnl
??0bad_cast@@AAE@PBQBD@Z
_heapchk
_fpieee_flt
_umask
_wcstoui64
_aexit_rtn
__p__pgmptr
_getdllprocaddr
mktime
??0bad_cast@@QAE@PBD@Z
___lc_handle_func
atan2
_wexecve
__getmainargs
toupper
_strset
tmpnam
calloc

kernel32

FindNextChangeNotification
VirtualAlloc
InitializeCriticalSection
SetCriticalSectionSpinCount
LoadLibraryA
SetConsoleMaximumWindowSize
CreateFileMappingW
CloseHandle
GetUserDefaultLangID
CreateEventW
lstrcmpi
OutputDebugStringA
GetFileInformationByHandle
GetVolumeInformationA
DisconnectNamedPipe
WritePrivateProfileStructA
SetCommConfig
CancelTimerQueueTimer
HeapQueryInformation
SetComputerNameA
GetQueuedCompletionStatus
lstrlenW
GetProcessHeaps
GetModuleHandleW
MapUserPhysicalPages
GetDefaultCommConfigW
GetExpandedNameA
CallNamedPipeW
ConvertThreadToFiber
AddConsoleAliasW
ChangeTimerQueueTimer
GetConsoleAliasesLengthW
EnumSystemLocalesA
UTRegister
CreateConsoleScreenBuffer
FindFirstFileExW
GetConsoleScreenBufferInfo

Sections

.text
Size: 748KB - Virtual size: 748KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c89e1b8b1544a7bf21141264f09bc52

Headers

DLL Characteristics

File Characteristics

Imports

iphlpapi

msvcrt

kernel32

Sections

.text Size: 748KB - Virtual size: 748KB

.rdata Size: 91KB - Virtual size: 90KB

.data Size: 3KB - Virtual size: 1.5MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 748KB - Virtual size: 748KB

.rdata
Size: 91KB - Virtual size: 90KB

.data
Size: 3KB - Virtual size: 1.5MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB