22bfd246b08c234d5ec8d82a7b5896bba5c65a9b870b6a82f436b3a3503f4230

Sharing

Copy URL Twitter E-mail

General

Target

22bfd246b08c234d5ec8d82a7b5896bba5c65a9b870b6a82f436b3a3503f4230
Size

208KB
MD5

6c1a89aece8980ba1901987379865a4b
SHA1

1034f66d66a3928e53e2b8560253a8a7450db974
SHA256

22bfd246b08c234d5ec8d82a7b5896bba5c65a9b870b6a82f436b3a3503f4230
SHA512

1ced69f3b3cd53f11c24155f9b51885e116b452f1142652fb5e5e3c1fb9e4d47f53d12107115750ebb7f87ecd9e7a7fefd6066190d3756f47b764385594b141e
SSDEEP

6144:1el+0LCmoR68643ryrZoIfel36q0QqvceN47z:1L0LCm668643ryrZoEel3t0zcfz

Score

N/A

Malware Config

Signatures

Files

22bfd246b08c234d5ec8d82a7b5896bba5c65a9b870b6a82f436b3a3503f4230
.exe windows x86

15378285981e400e15e65ce35468ce81

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpW
lstrcpyA
WaitForSingleObject
CreateFileW
GetACP
CreateThread
InterlockedDecrement
lstrlenW
GetCurrentProcess
GetSystemTimeAsFileTime
ReleaseSemaphore
WaitForMultipleObjects
GlobalAlloc
HeapFree
GlobalLock
lstrcmpiW
SetUnhandledExceptionFilter
GetFileAttributesW
GetCurrentThread
GetProfileIntA
MultiByteToWideChar
GetPrivateProfileStringW
InterlockedIncrement
lstrlenA
QueryPerformanceCounter
SetThreadPriority
GlobalFree
GetLastError
GetFileSize
GetDiskFreeSpaceW
IsBadCodePtr
HeapAlloc
CreateSemaphoreW
VirtualFree
WriteFile
GetLocaleInfoW
LeaveCriticalSection
GetQueuedCompletionStatus
InterlockedExchange
GetProcessHeap
GetThreadPriority
CloseHandle
LoadLibraryW
GetCurrentProcessId
GetVersionExW
GlobalUnlock
GetTickCount
IsBadReadPtr
lstrcpynW
MulDiv
EnterCriticalSection
GetLocaleInfoA
WideCharToMultiByte
GetFullPathNameW
ResetEvent
SetEndOfFile
ReadFile
DeleteCriticalSection
GetModuleFileNameA
InitializeCriticalSection
GlobalMemoryStatus
GetProcAddress
GlobalFindAtomA
CreateEventW
SetEvent
IsBadWritePtr
GlobalHandle
lstrcpyW
SetFilePointer
FreeLibrary

user32

LoadStringW
DestroyWindow
CheckDlgButton
GetWindowLongW
DefWindowProcW
EnableWindow
CreateDialogParamW
SetCursor
GetDlgItem
ShowWindow
GetAsyncKeyState
CheckRadioButton
ReleaseDC
GetDlgItemInt
SetDlgItemInt
GetDesktopWindow
InvalidateRect
SetDlgItemTextW
SendMessageW
IsWindowVisible
IsRectEmpty
SetWindowLongW
IsWindow
TranslateMessage
ClientToScreen
MoveWindow
PeekMessageW
GetWindowRect
DispatchMessageW
GetClientRect
LoadCursorW
GetDC

netshell

StartNCW
NcIsValidConnectionName
DllGetClassObject

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15378285981e400e15e65ce35468ce81

Headers

File Characteristics

Imports

kernel32

user32

netshell

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 85KB - Virtual size: 85KB

.data Size: 33KB - Virtual size: 6.1MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 85KB - Virtual size: 85KB

.data
Size: 33KB - Virtual size: 6.1MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB