115dbcdc36ab0d6e77745a06c4734529164768cab100e5b3361cc6cc47d9251d

Sharing

Copy URL Twitter E-mail

General

Target

115dbcdc36ab0d6e77745a06c4734529164768cab100e5b3361cc6cc47d9251d
Size

96KB
MD5

3838302276bf3c84ab117722810e8720
SHA1

f42f52ef5e938de32ac7ad2bd650fea0b5c3d519
SHA256

115dbcdc36ab0d6e77745a06c4734529164768cab100e5b3361cc6cc47d9251d
SHA512

b2de728bdd53dce1c037344eae2a67bfaad1587683ea0a51bfb72215d3f4964cca3269258dbbc4caa3dc6521bbcb967e83992f014a03e02ee820dfc35ef82c4b
SSDEEP

1536:q6F5GFQKHfHIMg8Wb4xEcWUmbDggaSEFb16kVRP8Nc8Qs4lqx3YnZgumqlIO/gci:pFKQ8vbgHIhoQgEzHX8Nc8QsHAZXmqlk

Score

N/A

Malware Config

Signatures

Files

115dbcdc36ab0d6e77745a06c4734529164768cab100e5b3361cc6cc47d9251d
.exe windows x86

1d07f02b4047489407cd8ba747500e89

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
_XcptFilter
_exit
_onexit
__dllonexit
bsearch
tolower
strncat
strerror
atoi
_errno
wcsncmp
_iob
fputs
_getch
fputc
modf
strncmp
realloc
__p__environ
__p__wenviron
malloc
free
_close
wcslen
wcscpy
srand
_ftol
rand
_pctype
__mb_cur_max
_isctype
printf
exit
_getpid
strchr

kernel32

LoadLibraryExW
SetErrorMode
EnterCriticalSection
FormatMessageA
GetEnvironmentVariableW
GetCurrentDirectoryW
GetExitCodeProcess
TerminateProcess
GetSystemTimeAsFileTime
UnlockFileEx
UnlockFile
LockFileEx
LockFile
Sleep
SetEvent
ReleaseMutex
DeleteCriticalSection
CloseHandle
SetStdHandle
SetFilePointer
GetLastError
CreateFileW
GetOverlappedResult
CancelIo
WaitForSingleObject
DeviceIoControl
GetFileInformationByHandle
GetStdHandle
SetLastError
CreateEventA
ReadFile
PeekNamedPipe
WriteFile
FreeEnvironmentStringsW
GetEnvironmentStringsW
GlobalFree
GetCommandLineW
TlsAlloc
TlsFree
LocalFree
GetFileType
GetFullPathNameW
FindClose
FindFirstFileW
GetFileAttributesExW
GetVersionExA
GetProcAddress
LoadLibraryA
LeaveCriticalSection
FreeLibrary
InitializeCriticalSection

advapi32

CryptGenRandom
CryptAcquireContextA
GetSecurityInfo
GetNamedSecurityInfoA
GetNamedSecurityInfoW
CryptReleaseContext
FreeSid
AllocateAndInitializeSid
GetEffectiveRightsFromAclW

wsock32

closesocket
recv
accept
inet_ntoa
send
connect
bind
socket
shutdown
__WSAFDIsSet
select
ioctlsocket
listen
getsockname
WSAGetLastError
ntohl
WSAStartup
WSACleanup

shell32

CommandLineToArgvW

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.drdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1d07f02b4047489407cd8ba747500e89

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

wsock32

shell32

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 12KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 1KB

.drdata Size: 20KB - Virtual size: 20KB

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 12KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 1KB

.drdata
Size: 20KB - Virtual size: 20KB