2ef997ae4624e13bc3b60f47930d58d3e27ce21acf59467a57518c8c5b7735bf

Sharing

Copy URL Twitter E-mail

General

Target

2ef997ae4624e13bc3b60f47930d58d3e27ce21acf59467a57518c8c5b7735bf
Size

62KB
MD5

054142921672c75c2f748cbf43e99750
SHA1

3ee84601789e6ac08bdd4bade724527b7d752d4e
SHA256

2ef997ae4624e13bc3b60f47930d58d3e27ce21acf59467a57518c8c5b7735bf
SHA512

f340e700dfa72379b5a424101b2c5629e8dcfcd36b85b2001b2edfb085da45f63636ecee62e91f2c8e75c68d3476c68e92be4099fc6cb70e8764c511bf3a133c
SSDEEP

768:+j3lE/Dbg6AS5Nkd83NXkZxCWYWyq96hWQHseXrh8GoJkm4T6HSVQI2aSOg7JrwY:+GrQS13NXw0dnMeBo+m3SlERTj

Score

N/A

Malware Config

Signatures

Files

2ef997ae4624e13bc3b60f47930d58d3e27ce21acf59467a57518c8c5b7735bf
.exe windows x86

b1d55fa515e5a04d4aacd0f14e36c6a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_iob
_setmode
_cexit
__initenv
__getmainargs
_initterm
wcslen
wcscpy
exit
toupper
__setusermatherr
_adjust_fdiv
__p__commode
fprintf
__p__fmode
__set_app_type
_except_handler3
_controlfp
time
strchr
sscanf
_strupr
_c_exit
_exit
sprintf
_XcptFilter
system

advapi32

LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
LoadLibraryExA
Sleep
SetThreadUILanguage
LoadLibraryA
OpenProcess
lstrcmpiA
GetSystemDirectoryW
LoadLibraryW
GetProcAddress
FreeLibrary
FormatMessageW
FormatMessageA
GetCurrentProcess
CloseHandle
LocalFree
GetSystemDirectoryA
GetProcessHeap
HeapFree
GetLastError

dbghelp

SymCleanup

psapi

GetModuleBaseNameA

iphlpapi

GetIcmpStatsFromStackEx
GetUdpStatsFromStackEx
GetTcpStatsFromStackEx
GetIpStatsFromStackEx
AllocateAndGetTcpExTableFromStack
AllocateAndGetTcpExTable2FromStack
AllocateAndGetUdpExTable2FromStack
AllocateAndGetUdpExTableFromStack

user32

CharToOemBuffW
CharToOemBuffA

ws2_32

gethostname
htons
ntohs
WSAStartup
getnameinfo
ntohl

snmpapi

SnmpUtilVarBindFree
SnmpUtilMemFree
SnmpUtilMemAlloc
SnmpUtilOidCpy

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ateqznp
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b1d55fa515e5a04d4aacd0f14e36c6a7

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

dbghelp

psapi

iphlpapi

user32

ws2_32

snmpapi

Sections

.text Size: 18KB - Virtual size: 17KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 41KB - Virtual size: 42KB

ateqznp Size: - Virtual size: 4KB

.text
Size: 18KB - Virtual size: 17KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 41KB - Virtual size: 42KB

ateqznp
Size: - Virtual size: 4KB