d6018984210a9d79f5057a7063fdd5a15537d8053dfb9bdd13a89312b055a05e

Sharing

Copy URL Twitter E-mail

General

Target

d6018984210a9d79f5057a7063fdd5a15537d8053dfb9bdd13a89312b055a05e
Size

88KB
MD5

78756d58fbd86c4ff63f89ca04155670
SHA1

348985f3376f635f2364d018d21b88f9f35b1c4b
SHA256

d6018984210a9d79f5057a7063fdd5a15537d8053dfb9bdd13a89312b055a05e
SHA512

20c69312e757cd3517473c0b5ed0a00d798aad30bc4d4813299afc4e9fc1ec3fb8426def9a6a0d4b18ce2b3de7158cb854b98ae32e3ec21923ddd9b6706124f9
SSDEEP

1536:vZnKktISTX4HUSTvV2nK+VFjVsnoQFNc8QsOlqhBmiaQI2wLtC+6quEes:vxRJwP8nxVStNc8QsdBmdwqVzuEes

Score

N/A

Malware Config

Signatures

Files

d6018984210a9d79f5057a7063fdd5a15537d8053dfb9bdd13a89312b055a05e
.exe windows x86

c871f384b75aa526bb98941f7724542a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
_XcptFilter
_exit
_onexit
__dllonexit
bsearch
tolower
atoi
_errno
wcsncmp
_iob
fputs
_getch
fputc
_ftol
modf
strncmp
realloc
__p__environ
__p__wenviron
strerror
_isctype
__mb_cur_max
_pctype
_close
wcslen
wcscpy
free
signal
strchr
rand
srand
malloc
_getpid
exit

kernel32

LoadLibraryExW
SetErrorMode
UnlockFileEx
UnlockFile
LockFileEx
LockFile
LoadLibraryA
GetProcAddress
GetVersionExA
GetEnvironmentVariableW
GetCurrentDirectoryW
GetExitCodeProcess
TerminateProcess
LeaveCriticalSection
SetEvent
ReleaseMutex
EnterCriticalSection
CloseHandle
SetStdHandle
SetFilePointer
GetLastError
CreateFileW
GetOverlappedResult
CancelIo
WaitForSingleObject
DeviceIoControl
GetFileInformationByHandle
GetStdHandle
SetLastError
CreateEventA
ReadFile
PeekNamedPipe
WriteFile
FormatMessageA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GlobalFree
GetCommandLineW
TlsAlloc
TlsFree
LocalFree
GetFileType
GetFullPathNameW
FindClose
FindFirstFileW
GetFileAttributesExW
GetSystemTimeAsFileTime
FreeLibrary
Sleep
InitializeCriticalSection
DeleteCriticalSection

advapi32

GetNamedSecurityInfoA
GetNamedSecurityInfoW
GetEffectiveRightsFromAclW
AllocateAndInitializeSid
FreeSid
GetSecurityInfo

wsock32

closesocket
recv
accept
inet_ntoa
send
listen
bind
socket
shutdown
__WSAFDIsSet
select
ioctlsocket
connect
getsockname
WSAGetLastError
ntohl
WSAStartup
WSACleanup

shell32

CommandLineToArgvW

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.trdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c871f384b75aa526bb98941f7724542a

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

wsock32

shell32

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 1KB

.trdata Size: 20KB - Virtual size: 20KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 1KB

.trdata
Size: 20KB - Virtual size: 20KB