0626c2be237afc200c6fa839870011b0390f3dc69f0c78049b84d8c3ec33ac26

Sharing

Copy URL

Twitter E-mail

General

Target

0626c2be237afc200c6fa839870011b0390f3dc69f0c78049b84d8c3ec33ac26
Size

130KB
MD5

3fbc91e14102be188dec34624fd9ed05
SHA1

d208b577f58b2cf5c14094abc1c16120af1c387c
SHA256

0626c2be237afc200c6fa839870011b0390f3dc69f0c78049b84d8c3ec33ac26
SHA512

ff9425e979ecf83bc9745b321d80efb14fc648ecbda805ad22d0baf16a46b1506a9b5118b99bced08bda5d6e573744fd985b5bf37d706f7372bac453ee81dbef
SSDEEP

3072:myyaARp+vGUlvGAa+l+TGIC2it5b53llAoBVT:gRp+vNFGdI+TGdd

Score

N/A

Malware Config

Signatures

Files

0626c2be237afc200c6fa839870011b0390f3dc69f0c78049b84d8c3ec33ac26
.exe windows x86

22a066628301e4b3b946d470cdf2f325

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsAlloc
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
IsBadWritePtr
HeapReAlloc
GetOEMCP
GetACP
GetCPInfo
HeapAlloc
FatalAppExitA
GetModuleHandleA
EnterCriticalSection
InitializeCriticalSection
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetCurrentThread
GetLastError
TlsGetValue
SetLastError
TlsFree
TlsSetValue
GetCurrentThreadId
DeleteCriticalSection
GetCommandLineA
LocalAlloc
VirtualAlloc
WriteFile
SetFilePointer
CloseHandle
AllocConsole
LeaveCriticalSection
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetStringTypeW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion

user32

AppendMenuA
GetClipboardData
SetForegroundWindow
DrawIcon
GetActiveWindow
GetSysColorBrush
FillRect
DrawFrameControl
CreatePopupMenu
WindowFromPoint
DispatchMessageW
TranslateMessage
GetMessageW
LoadIconA
IsIconic
FindWindowW
SetWindowTextW
PostQuitMessage
LoadImageW
DestroyIcon
LoadBitmapA
AppendMenuW
CallWindowProcA
GetMessageA
GetWindowLongA
TrackPopupMenu
GetCursorPos
IsClipboardFormatAvailable

advapi32

RegOpenKeyExA
OpenSCManagerA
CloseServiceHandle
RegDeleteKeyA
RegCreateKeyExA
QueryServiceStatus
RegOpenKeyA
RegCloseKey

ole32

CLSIDFromString
CoCreateInstance
CoInitialize
CoUninitialize
CoRegisterClassObject

ws2_32

WSASocketA
WSAGetOverlappedResult
WSACreateEvent
WSAConnect
send
WSACleanup
socket
WSAStartup

Exports

Exports

NLAchtQCMm
QAJIfyanaSjCttayfPWnkFEx
TVEAuBQvipl
dDhsrBKAyQlh
dyHLhrWUplTgbQwQa
gGQXGzqYVfDuLmcOLJWRRBU
uDVHcLhcrDtU

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

22a066628301e4b3b946d470cdf2f325

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

ws2_32

Exports

Exports

Sections

.text Size: 55KB - Virtual size: 55KB

.rdata Size: 27KB - Virtual size: 26KB

.data Size: 45KB - Virtual size: 69KB

.shared Size: 1024B - Virtual size: 576B

.text
Size: 55KB - Virtual size: 55KB

.rdata
Size: 27KB - Virtual size: 26KB

.data
Size: 45KB - Virtual size: 69KB

.shared
Size: 1024B - Virtual size: 576B