b741b3a462f7ddefb4e2486228e5872f070f1f80aff08550bcbd2596d0cf416d

Sharing

Copy URL Twitter E-mail

General

Target

b741b3a462f7ddefb4e2486228e5872f070f1f80aff08550bcbd2596d0cf416d
Size

284KB
MD5

6c413dd8c15d9390b15634c4c27ba430
SHA1

85914c2e667b011ff5129208c15dc0ef5ae67804
SHA256

b741b3a462f7ddefb4e2486228e5872f070f1f80aff08550bcbd2596d0cf416d
SHA512

2c028d8afc534fd5057a3a645406de8c7bb0a82127eff4edbb6caf1a0f5b186e3da74002573329e4e4774dd019babb7414227737c058de494377162e31478b26
SSDEEP

3072:v9ebc361nPcwKxBGlIR/xa9sF120qir2NtyUe74JVS3gE2KpttsG/UvzoI7h+aSA:U432exBAegmI0qiCDoQdzo0naG/

Score

N/A

Malware Config

Signatures

Files

b741b3a462f7ddefb4e2486228e5872f070f1f80aff08550bcbd2596d0cf416d
.exe windows x86

b1963850540881aa8cd7586e865ad5bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
GetVolumeInformationA
GetVersionExA
TlsAlloc
TlsFree
Sleep
GetLastError
TlsGetValue
SetWaitableTimer
InterlockedIncrement
GetQueuedCompletionStatus
InterlockedDecrement
InterlockedCompareExchange
SleepEx
TlsSetValue
TerminateThread
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapAlloc
CreateEventA
HeapFree
WaitForSingleObject
SetEvent
LeaveCriticalSection
InterlockedExchange
SetLastError
QueueUserAPC
EnterCriticalSection
InterlockedExchangeAdd
PostQueuedCompletionStatus
WaitForMultipleObjects
CreateIoCompletionPort
DeleteCriticalSection
CloseHandle
CreateWaitableTimerA
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
LoadLibraryA
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
MultiByteToWideChar
InitializeCriticalSection
LocalFree
FormatMessageA
GetSystemTimeAsFileTime
ReleaseSemaphore
GetCurrentThreadId
GetCurrentProcessId
OpenEventA
ResetEvent
ResumeThread
GetTickCount
SystemTimeToFileTime
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
CreateThread
GetCommandLineA
RaiseException
RtlUnwind
GetCPInfo
LCMapStringA
LCMapStringW
VirtualFree
VirtualAlloc
HeapReAlloc
HeapDestroy
HeapCreate
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
GetACP
GetOEMCP
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
SetFilePointer

ws2_32

gethostbyname
WSAStartup
WSACleanup
closesocket
ioctlsocket
sendto
inet_addr
htons
socket
gethostname
inet_ntoa

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 184KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b1963850540881aa8cd7586e865ad5bd

Headers

File Characteristics

Imports

kernel32

ws2_32

iphlpapi

Sections

.text Size: 184KB - Virtual size: 180KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 12KB - Virtual size: 18KB

.tls Size: 4KB - Virtual size: 2B

.rsrc Size: 40KB - Virtual size: 39KB

.text
Size: 184KB - Virtual size: 180KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 12KB - Virtual size: 18KB

.tls
Size: 4KB - Virtual size: 2B

.rsrc
Size: 40KB - Virtual size: 39KB