a691f2c15dd5c8202edb5db63a6afdd020bab79bc8d59be3ca6d0449dff426c2

Sharing

Copy URL Twitter E-mail

General

Target

a691f2c15dd5c8202edb5db63a6afdd020bab79bc8d59be3ca6d0449dff426c2
Size

493KB
MD5

3d9e0a159e4dee194a32027d51dcb210
SHA1

5f9b05149321b3e3f87811db3d34e1c1136a77c4
SHA256

a691f2c15dd5c8202edb5db63a6afdd020bab79bc8d59be3ca6d0449dff426c2
SHA512

5f2bd0782183a7cd75eaa1ff7d66847b101f817d3fe660b65614cf71e9b05be103faa2d7231859df1f3af8895cd53d0742c8a8727231fc97d23a446c16d77a03
SSDEEP

12288:JlYi+gBgd8d3Zt93HMByNDcIhh8uvukkGFNh:/Ys1plMBogIhh8uvfkGFNh

Score

N/A

Malware Config

Signatures

Files

a691f2c15dd5c8202edb5db63a6afdd020bab79bc8d59be3ca6d0449dff426c2
.exe windows x86

8a2bf0566fefa6a01ec35b4b85e6b762

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

iocptcp

TcpCreate
TcpSend
TcpGetLinkAddr
TcpConnect
TcpUninit
TcpDestroy
TcpInit

iocpudp

UdpUninit
UdpInit

kernel32

GetFileAttributesA
GetFileSizeEx
GetFileTime
GlobalFlags
InterlockedExchange
GetLocaleInfoA
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
RtlUnwind
UnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
VirtualAlloc
HeapReAlloc
HeapSize
ExitProcess
GetStdHandle
GetACP
IsValidCodePage
LCMapStringW
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetDriveTypeA
InitializeCriticalSectionAndSpinCount
TlsAlloc
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
GetModuleHandleW
TlsFree
LocalReAlloc
LCMapStringA
TlsSetValue
TerminateProcess
GetCurrentProcess
FreeLibrary
GetProcAddress
Sleep
LoadLibraryA
GetComputerNameA
GetVersionExA
GetLastError
CloseHandle
OpenEventA
SetConsoleCtrlHandler
GetModuleHandleA
GetCommandLineA
GetTickCount
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
OpenThread
FindResourceA
SizeofResource
LockResource
LoadResource
WideCharToMultiByte
ReadFile
GetFileSize
CreateFileA
lstrlenA
GetEnvironmentVariableA
OpenProcess
GetCurrentProcessId
SetFileAttributesA
SetUnhandledExceptionFilter
FormatMessageA
GetModuleFileNameA
VirtualQuery
IsBadWritePtr
DeleteFileA
CreateDirectoryA
GetLocalTime
GetCurrentThreadId
RemoveDirectoryA
FindClose
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GetModuleFileNameW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcmpA
SetLastError
SetErrorMode
FindNextFileA
WaitForSingleObject
CreateThread
TerminateThread
RaiseException
OutputDebugStringA
SetEvent
UnmapViewOfFile
OpenFileMappingA
CreateFileMappingA
CreateEventA
MapViewOfFile
WritePrivateProfileStructA
WritePrivateProfileStringA
GetPrivateProfileStringA
LocalFree
MultiByteToWideChar
CreateProcessA
GetTimeZoneInformation
SetSystemTime
FindFirstFileA

user32

PostQuitMessage
DestroyMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
SetWindowTextA
LoadCursorA
GetSysColorBrush
ValidateRect
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
GetPropA
RemovePropA
GetFocus
IsWindow
GetWindowTextA
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
wsprintfA
DispatchMessageA
TranslateMessage
GetMessageA
GetKeyState
SetMenu
SetForegroundWindow
GetClientRect
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
PeekMessageA
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
GetSystemMetrics
CharUpperA
MessageBoxA
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
GetParent
SendMessageA
GetWindowThreadProcessId
UnhookWindowsHookEx
CopyRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
PtInRect
GetMenu
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
GetSysColor
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetPropA

gdi32

DeleteObject
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetMapMode
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreateBitmap
GetStockObject
GetClipBox
SetTextColor
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

AllocateAndInitializeSid
SetNamedSecurityInfoA
FreeSid
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyExA
RegSetValueExA
RegOpenKeyA
RegOpenKeyExA
RegCloseKey
RegQueryInfoKeyA
RegEnumKeyExA
RegQueryValueExA
SetEntriesInAclA

shlwapi

PathFileExistsA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantInit
VariantChangeType

ws2_32

htons
ntohs
htonl
gethostbyname
ntohl

psapi

EnumProcessModules
EnumProcesses
GetProcessMemoryInfo
GetModuleFileNameExA
GetModuleBaseNameA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

iphlpapi

GetAdaptersInfo

dbghelp

MiniDumpWriteDump

netapi32

Netbios

rpcrt4

UuidCreate

Sections

.text
Size: 325KB - Virtual size: 325KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8a2bf0566fefa6a01ec35b4b85e6b762

Headers

DLL Characteristics

File Characteristics

Imports

iocptcp

iocpudp

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shlwapi

oleaut32

ws2_32

psapi

version

iphlpapi

dbghelp

netapi32

rpcrt4

Sections

.text Size: 325KB - Virtual size: 325KB

.rdata Size: 76KB - Virtual size: 75KB

.data Size: 12KB - Virtual size: 32KB

.rsrc Size: 73KB - Virtual size: 76KB

.text
Size: 325KB - Virtual size: 325KB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 12KB - Virtual size: 32KB

.rsrc
Size: 73KB - Virtual size: 76KB