2de9013c1b884dc65695cb4c8bc77f5a41ba86cf5a7cd3af16af7d3d4f1273b4

Sharing

Copy URL Twitter E-mail

General

Target

2de9013c1b884dc65695cb4c8bc77f5a41ba86cf5a7cd3af16af7d3d4f1273b4
Size

112KB
MD5

625789760aef82cb510317018df3a9e8
SHA1

b2e6b5282fe62fd68eb7d426e83efaad6a86037a
SHA256

2de9013c1b884dc65695cb4c8bc77f5a41ba86cf5a7cd3af16af7d3d4f1273b4
SHA512

ba1fc5b0fdc0027f54de25b9e4f3196b7d69a3061188bd77a0efd806f7dc35234f7a1a137e2aa741b47158585c9626970377eb3a732c78ac320d20ab6da7d8be
SSDEEP

1536:X7MlXtsxdZ/gmjAFowk1AEMbX5Kj/fTFixlF5cEvpYX/cTDI/4pR8sXR9/PQq:XgKkcMHHpYTFAFCERc/c3IgRhP/PQ

Score

N/A

Malware Config

Signatures

Files

2de9013c1b884dc65695cb4c8bc77f5a41ba86cf5a7cd3af16af7d3d4f1273b4
.exe windows x86

a4b22273f2dd915f47b33603b4d8bd52

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
FindClose
FindNextFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
GetProcAddress
lstrcmpA
DeleteFileA
MoveFileA
GetFileAttributesA
lstrcmpiA
FreeLibrary
InitializeCriticalSection
DeleteCriticalSection
CreateDirectoryA
EnterCriticalSection
ResumeThread
SetFileAttributesA
GetFileInformationByHandle
WaitForMultipleObjects
PeekNamedPipe
CreateProcessA
CreatePipe
GetSystemTime
CopyFileA
LeaveCriticalSection
CreateMutexA
ReleaseMutex
DuplicateHandle
GetTickCount
LocalFree
LocalAlloc
VirtualAlloc
TerminateProcess
OpenProcess
GetCurrentProcessId
HeapAlloc
GetProcessHeap
HeapFree
GetLastError
VirtualFree
UnmapViewOfFile
MapViewOfFileEx
CreateFileMappingA
OpenFileMappingA
VirtualProtect
MapViewOfFile
SearchPathA
GetCurrentThread
GetSystemDirectoryA
GetCommandLineA
ReadFile
GetComputerNameA
GetSystemInfo
lstrcatA
GetVersionExA
GlobalMemoryStatus
GetDriveTypeA
GetDiskFreeSpaceA
lstrlenA
lstrcpyA
Sleep
GetCurrentProcess
SetPriorityClass
CreateThread
SetThreadPriority
CreateFileA
CloseHandle
GetFileSize
WriteFile
MultiByteToWideChar
lstrcpynA
WaitForSingleObject
SetFilePointer
WideCharToMultiByte
GetModuleHandleA
WriteProcessMemory
CompareStringA
GetFullPathNameA
GetModuleFileNameA

user32

PostThreadMessageA
CreateWindowExA
RegisterClassA
DefWindowProcA
DestroyWindow
SendMessageA
CharUpperA
GetDesktopWindow
MessageBoxA
IsWindow
SetWindowsHookExA
SetKeyboardState
DispatchMessageA
UnhookWindowsHookEx
CallNextHookEx
GetActiveWindow
GetWindowTextA
GetKeyNameTextA
GetKeyboardState
ToAscii
PeekMessageA
GetMessageA
CharToOemA
ExitWindowsEx
wsprintfA

gdi32

GetDIBColorTable
SelectObject
CreateDIBSection
DeleteDC
CreateCompatibleDC
GetDeviceCaps
CreateDCA
BitBlt
DeleteObject

advapi32

RegEnumKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
GetUserNameA
RegEnumKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegConnectRegistryA
RegDeleteValueA
RegEnumValueA
RegQueryInfoKeyA
RegOpenKeyA
RegCreateKeyA

shell32

SHFileOperationA

wsock32

accept
bind
htons
socket
send
connect
ioctlsocket
recv
__WSAFDIsSet
select
inet_ntoa
listen
WSAStartup
ntohs
gethostname
getsockname
recvfrom
sendto
closesocket
gethostbyaddr
gethostbyname
setsockopt
WSACleanup

avicap32

capGetDriverDescriptionA
capCreateCaptureWindowA

winmm

PlaySoundA

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.plugins
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4b22273f2dd915f47b33603b4d8bd52

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

wsock32

avicap32

winmm

Sections

.text Size: 72KB - Virtual size: 69KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 24KB - Virtual size: 31KB

.plugins Size: 4KB - Virtual size: 4KB

.text
Size: 72KB - Virtual size: 69KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 24KB - Virtual size: 31KB

.plugins
Size: 4KB - Virtual size: 4KB