5cea499a58024849a44c3ef301fd57a985daa1ebbbf22ef1dfa6a4c1207eb7af

Sharing

Copy URL Twitter E-mail

General

Target

5cea499a58024849a44c3ef301fd57a985daa1ebbbf22ef1dfa6a4c1207eb7af
Size

364KB
MD5

6beeedcf0f22ab9982233772957fcfe0
SHA1

aeb5b8a288ac2ee69c8e1504745da1699f8a171a
SHA256

5cea499a58024849a44c3ef301fd57a985daa1ebbbf22ef1dfa6a4c1207eb7af
SHA512

54f03e41f7c355d8205c5cc0f1b069cc62a37231da276ab0a267abf09901d09e50cc100b867065f3ea6d13bb7d71968ffd35c459f3e4bff87854a2695221edaf
SSDEEP

6144:Wz3Py0LasZrZwdFtuU+gv7v84IC2WXI8lJCc6qpzs/GVn6I9+js666u1RI54HHy0:WJDuyU+gv7v8PC2WXISJCchpSGmU

Score

N/A

Malware Config

Signatures

Files

5cea499a58024849a44c3ef301fd57a985daa1ebbbf22ef1dfa6a4c1207eb7af
.exe windows x86

920f2ed10bea14ef500c0b122a4ee76f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
MultiByteToWideChar
lstrlenW
GetLastError
EnterCriticalSection
LockResource
DeleteCriticalSection
CloseHandle
LocalFree
GetSystemInfo
SetProcessAffinityMask
GetFileSize
SetErrorMode
CreateProcessW
QueryPerformanceCounter
GetTickCount
GetVolumeInformationA
Sleep
CreateProcessA
LeaveCriticalSection
GetSystemDirectoryA
GetTempFileNameA
Process32FirstW
GetModuleFileNameA
Process32NextW
CreateToolhelp32Snapshot
GetFileTime
QueryPerformanceFrequency
GetVersionExA
GetWindowsDirectoryW
GetTempPathA
SetEvent
TerminateThread
GetExitCodeThread
CreateEventW
CreateThread
GetModuleFileNameW
WaitForMultipleObjects
FormatMessageW
SizeofResource
WideCharToMultiByte
GetPriorityClass
InitializeCriticalSection
WriteFile
GetProcessHeap
WaitForSingleObject
HeapFree
GetCurrentProcess
HeapAlloc
LoadResource
FindResourceW
FindResourceExW
lstrlenA
ReadFile
HeapReAlloc
FlushFileBuffers
SetEndOfFile
SetEnvironmentVariableW
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetConsoleMode
GetConsoleCP
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
GetExitCodeProcess
SetStdHandle
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LoadLibraryA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
RaiseException
HeapDestroy
HeapSize
InterlockedIncrement
InterlockedDecrement
VirtualProtect
VirtualAlloc
GetProcAddress
GetModuleHandleA
VirtualQuery
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
DeleteFileW
GetLocalTime
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
GetCPInfo
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapCreate
VirtualFree
GetStdHandle
GetFileAttributesW
SetHandleCount
GetFileType
SetFilePointer

advapi32

QueryServiceStatusEx
StartServiceW
ChangeServiceConfig2W
OpenSCManagerW
CloseServiceHandle
CreateServiceW
RegisterServiceCtrlHandlerW
SetServiceStatus
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
StartServiceCtrlDispatcherW

ole32

CLSIDFromProgID
CoInitialize
CoUninitialize
CoCreateInstance
StringFromCLSID

ws2_32

WSACloseEvent
WSASetEvent
WSAStartup
getaddrinfo
WSARecv
WSASocketW
WSASend
WSAGetLastError
WSAConnect
WSAEnumNetworkEvents
WSACleanup
WSAGetOverlappedResult
freeaddrinfo
WSACreateEvent
WSASetLastError
closesocket
WSAResetEvent
gethostbyname
WSAEventSelect

user32

UnregisterClassA

Sections

.text
Size: 300KB - Virtual size: 297KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

920f2ed10bea14ef500c0b122a4ee76f

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

ws2_32

user32

Sections

.text Size: 300KB - Virtual size: 297KB

.rdata Size: 48KB - Virtual size: 45KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 300KB - Virtual size: 297KB

.rdata
Size: 48KB - Virtual size: 45KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 1KB