97caf552439b90eff4729f4f7e7d670cc16edcb3d028ce9a2241c1c216300d58

Sharing

Copy URL

Twitter E-mail

General

Target

97caf552439b90eff4729f4f7e7d670cc16edcb3d028ce9a2241c1c216300d58
Size

1.2MB
MD5

46b1b3724e2c6cbbefaf1de37c3be920
SHA1

ce5b4233a154f8e4eb0738bffe35f59d42e9a3bc
SHA256

97caf552439b90eff4729f4f7e7d670cc16edcb3d028ce9a2241c1c216300d58
SHA512

889916a95035f5de917f34fb4286c44ffb03dcdc2c5628ccfc0e7cf60770fb54813d26a8f7aeeaf3d094462d09fa0a6004ac77fda28c940d56de58b906601038
SSDEEP

24576:eSO7nDJaueI/kB9kSkzdCnNOcl8Feqqa0OBS+n7h5vs8yLoq:u7nVaueI/kB9kcnqmOBp95vs8y

Score

N/A

Malware Config

Signatures

Files

97caf552439b90eff4729f4f7e7d670cc16edcb3d028ce9a2241c1c216300d58
.exe windows x86

b29b854c1e4a2f9f82a5097b0b088407

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetHandleInformation
ReleaseMutex
GetLastError
CreateMutexA
GetTickCount
GetProcessTimes
GetCurrentProcess
GetModuleHandleA
FindFirstFileW
FindFirstFileA
FindNextFileW
FindNextFileA
FindClose
GetVolumeInformationA
GetDriveTypeA
VirtualAlloc
VirtualFree
SetLastError
GetPrivateProfileStringA
GetPrivateProfileIntA
CreateFileA
ReadFile
WriteFile
DeviceIoControl
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFileAttributesA
CreateDirectoryA
GetFullPathNameA
HeapFree
DeleteFileA
HeapAlloc
GetSystemTimeAsFileTime
GetCommandLineA
EnterCriticalSection
LeaveCriticalSection
ExitProcess
TerminateProcess
HeapReAlloc
FileTimeToSystemTime
FileTimeToLocalFileTime
CreateProcessA
DuplicateHandle
GetFileType
CreateFileW
GetDriveTypeW
MoveFileA
MoveFileW
GetFileAttributesW
DeleteFileW
ExitThread
ResumeThread
CreateThread
DeleteCriticalSection
FatalAppExitA
VirtualProtect
GetSystemInfo
GetEnvironmentVariableA
HeapDestroy
SetErrorMode
IsBadWritePtr
SetHandleCount
GetStdHandle
GetStartupInfoA
SetFilePointer
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsAlloc
GetCurrentThreadId
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
RtlUnwind
GetTimeZoneInformation
FlushFileBuffers
LCMapStringA
LCMapStringW
SetStdHandle
CreatePipe
GetExitCodeProcess
SetEndOfFile
GetFullPathNameW
SetEnvironmentVariableW
GetStringTypeA
GetStringTypeW
CompareStringA
GetCPInfo
CompareStringW
GetACP
GetOEMCP
InitializeCriticalSection
InterlockedExchange
QueryPerformanceCounter
GetCurrentProcessId
HeapSize
GetLocaleInfoA
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetCurrentDirectoryW
GetLocaleInfoW
LocalFileTimeToFileTime
SetFileTime
GetCommandLineW
WideCharToMultiByte
MultiByteToWideChar
UnlockFile
LockFile
ReleaseSemaphore
CreateSemaphoreA
SetConsoleTitleA
HeapCreate
GetEnvironmentVariableW
SetEvent
CreateEventA
ResetEvent
WaitForSingleObject
CloseHandle
Sleep
GetWindowsDirectoryA
GetVersionExA
LoadLibraryA
GetProcAddress
FreeLibrary
VirtualQuery
GetVersion
SystemTimeToFileTime

user32

DialogBoxIndirectParamA
CreateDialogIndirectParamA
wsprintfA
GetClientRect
ScreenToClient
MoveWindow
ShowWindow
SetWindowTextA
SetFocus
GetFocus
GetParent
EndDialog
MessageBoxA
GetActiveWindow
GetDlgItemTextA
GetDlgItemTextW
EnableWindow
GetWindowRect
GetDlgItem
SendMessageA
GetWindowLongA
MessageBeep
SetDlgItemTextA
GetSystemMetrics

netapi32

Netbios

advapi32

RegCloseKey
RegEnumValueA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegQueryValueExW
RegSetValueExA
RegSetValueExW
GetUserNameA
GetUserNameW
RegEnumKeyExA
RegisterEventSourceA
DeregisterEventSource
ReportEventA
RegDeleteValueA

comdlg32

GetOpenFileNameA

comctl32

ord17

wsock32

WSAGetLastError
WSACleanup
__WSAFDIsSet
select
connect
socket
htons
getprotobyname
recv
send
inet_ntoa
setsockopt
ntohs
inet_addr
gethostbyaddr
gethostbyname
htonl
ntohl
gethostname
closesocket
ioctlsocket
accept
getsockname
listen
bind
getservbyname
WSAStartup

Sections

.text
Size: 948KB - Virtual size: 945KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_TEXT_HA
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b29b854c1e4a2f9f82a5097b0b088407

Headers

File Characteristics

Imports

kernel32

user32

netapi32

advapi32

comdlg32

comctl32

wsock32

Sections

.text Size: 948KB - Virtual size: 945KB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 76KB - Virtual size: 145KB

_TEXT_HA Size: 68KB - Virtual size: 66KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 948KB - Virtual size: 945KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 76KB - Virtual size: 145KB

_TEXT_HA
Size: 68KB - Virtual size: 66KB

.rmnet
Size: 60KB - Virtual size: 60KB