f4e1124981dcfcccc35f0d99df5131b909afd7b6041c9a8c0bd036ce616a4e5b

Sharing

Copy URL Twitter E-mail

General

Target

f4e1124981dcfcccc35f0d99df5131b909afd7b6041c9a8c0bd036ce616a4e5b
Size

752KB
MD5

4e36244f15e08d2302e11c645848e537
SHA1

56b0f57eb7ea6936c684addb6ab76d4b6c6dc0c7
SHA256

f4e1124981dcfcccc35f0d99df5131b909afd7b6041c9a8c0bd036ce616a4e5b
SHA512

a69c0ffa7e3a19682be4d15110ef97b786236726563347ad7e7c14cc4afc130dc641b168ee91bd3cb21e4049aee23d4cd55887c593ee56525f4492fe78883a14
SSDEEP

12288:wradmOY+H59nhjl8ucHFxjZhLvo2oaPC/Xu8bOqzPlv3OWGe:wradmOznhJ8u0FxVhQDf1FN3/

Score

N/A

Malware Config

Signatures

Files

f4e1124981dcfcccc35f0d99df5131b909afd7b6041c9a8c0bd036ce616a4e5b
.exe windows x86

d25feca455937e4971426792034617c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasEnumConnectionsA

iphlpapi

GetBestRoute
GetIfTable
GetIpForwardTable
GetAdaptersInfo

ws2_32

connect
bind
htons
htonl
closesocket
shutdown
accept
listen
getpeername
getsockname
setsockopt
ntohs
WSAStartup
WSACleanup
ioctlsocket
gethostname
recv
send
gethostbyname
WSAGetLastError
getsockopt
inet_addr
ntohl
select
__WSAFDIsSet
recvfrom
inet_ntoa
sendto
socket

kernel32

EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetFileType
SetStdHandle
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
FlushFileBuffers
WriteFile
HeapSize
CompareStringW
CompareStringA
GetCPInfo
LCMapStringW
LCMapStringA
HeapReAlloc
GetVersion
GetCommandLineA
GetStartupInfoA
ExitThread
HeapAlloc
Sleep
CreateDirectoryA
GetProcAddress
LoadLibraryA
FreeLibrary
DeleteFileA
GetTempFileNameA
GetTempPathA
OutputDebugStringA
lstrcatA
lstrcpyA
SetLastError
CloseHandle
IsBadCodePtr
OpenProcess
GetLastError
GetModuleHandleA
GetVersionExA
IsBadWritePtr
GetModuleFileNameA
GetUserDefaultLCID
GetCurrentProcessId
ReadProcessMemory
GetCurrentProcess
lstrcpynA
lstrlenA
GetCurrentThread
IsBadReadPtr
HeapFree
GetProcessHeap
SetUnhandledExceptionFilter
GetLocalTime
GetUserDefaultLangID
GetTickCount
GetFileSize
SetFilePointer
ReadFile
SetEndOfFile
lstrcmpiA
ResetEvent
SetEvent
CreateThread
CreateEventA
TerminateThread
WaitForSingleObject
CreateMutexA
GetWindowsDirectoryA
FindClose
FindFirstFileA
MultiByteToWideChar
GetPrivateProfileStringA
SetEnvironmentVariableA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
GetSystemTimeAsFileTime
GetSystemTime
GetTimeZoneInformation
TerminateProcess
ExitProcess
RaiseException
RtlUnwind
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
GetLocaleInfoW
CreateFileA
SetProcessWorkingSetSize

user32

RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
DispatchMessageA
SetWindowPos
LoadCursorA
PostMessageA
wsprintfA
SetLastErrorEx
CharNextA
FindWindowA
PostThreadMessageA
TranslateMessage
UnregisterClassA
PostQuitMessage
DefWindowProcA

advapi32

RegCloseKey
RegOpenKeyA
RegQueryInfoKeyA
RegEnumKeyExA
RegQueryValueExA

ole32

CoUninitialize
CoInitialize
CoCreateInstance
CoCreateGuid

urlmon

URLDownloadToFileA

Sections

.text
Size: 456KB - Virtual size: 454KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d25feca455937e4971426792034617c8

Headers

File Characteristics

Imports

rasapi32

iphlpapi

ws2_32

kernel32

user32

advapi32

ole32

urlmon

Sections

.text Size: 456KB - Virtual size: 454KB

.rdata Size: 52KB - Virtual size: 49KB

.data Size: 28KB - Virtual size: 62KB

.rsrc Size: 4KB - Virtual size: 3KB

.text Size: 208KB - Virtual size: 208KB

.text
Size: 456KB - Virtual size: 454KB

.rdata
Size: 52KB - Virtual size: 49KB

.data
Size: 28KB - Virtual size: 62KB

.rsrc
Size: 4KB - Virtual size: 3KB

.text
Size: 208KB - Virtual size: 208KB