0b26c58c0790973e9f157a62686c49b62a12b31e72c631449c9a91ce509cfc52

Sharing

Copy URL

Twitter E-mail

General

Target

0b26c58c0790973e9f157a62686c49b62a12b31e72c631449c9a91ce509cfc52
Size

144KB
MD5

4d343ec8fe43950c00b7eb919b27b4e0
SHA1

9feb24efd29519c3e1b08749cd30fbdc17ae21c2
SHA256

0b26c58c0790973e9f157a62686c49b62a12b31e72c631449c9a91ce509cfc52
SHA512

01647b4adee9d08ddedb27ffd2d90b23384c23de60fecca9d46f129f129c235224af217c091e669702c794d59e6b5a66b87d65279a942b4bc26537b639503a97
SSDEEP

3072:eZ+sWM/3C4cf/Q11khG7X1wUfYfuWH3OZRMY1VvD5SPH7:ed3S/Qwhi1wUfGuC3GGwVvEPH7

Score

N/A

Malware Config

Signatures

Files

0b26c58c0790973e9f157a62686c49b62a12b31e72c631449c9a91ce509cfc52
.exe windows x86

60314814e22db52f1623f2541f3bdf7a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

inet_ntoa
recv
WSAStartup
socket
WSACleanup
gethostbyname
closesocket
inet_addr
htons
connect
send

gdi32

SetMapMode
LPtoDP
GetDeviceCaps
DPtoLP
GetStockObject
GetMapMode

kernel32

SetEndOfFile
GetStringTypeW
GetProcessHeap
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
Sleep
GetModuleHandleA
SetEvent
CreateThread
CloseHandle
ReadFile
GetFileSize
CreateFileA
GetModuleFileNameA
Process32Next
TerminateProcess
OpenProcess
Process32First
CreateToolhelp32Snapshot
CompareStringA
GetTempPathA
WaitForSingleObject
CreateEventA
CreateProcessA
MulDiv
GetEnvironmentVariableA
CopyFileA
SetFileAttributesA
GetCommandLineA
GetStringTypeA
GetLocaleInfoA
LCMapStringW
LCMapStringA
GetTimeZoneInformation
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
MultiByteToWideChar
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
CompareStringW
SetEnvironmentVariableA
GetTickCount
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
LoadLibraryA
HeapAlloc
GetLastError
HeapFree
GetCurrentProcess
CreateDirectoryA
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
RtlUnwind
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetModuleHandleW
GetProcAddress
ExitProcess
RaiseException
GetStartupInfoA
EnterCriticalSection
LeaveCriticalSection
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
SetFilePointer
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetFullPathNameA
GetCurrentDirectoryA

user32

GetWindowDC
SetWindowTextA
MessageBoxA
InvalidateRect
GetTitleBarInfo
GetDesktopWindow
GetWindowRect
MoveWindow
PostQuitMessage
SetFocus
DefWindowProcA
BeginPaint
EndPaint
CreateIconFromResourceEx
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyA

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture

Sections

.text
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

60314814e22db52f1623f2541f3bdf7a

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

gdi32

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 113KB - Virtual size: 113KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 16KB - Virtual size: 24KB

.text
Size: 113KB - Virtual size: 113KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 16KB - Virtual size: 24KB