f77272c8799189b43b457d14080fd0d1e09fc259c4b6f6c5de69f86d09180a2e

Sharing

Copy URL Twitter E-mail

General

Target

f77272c8799189b43b457d14080fd0d1e09fc259c4b6f6c5de69f86d09180a2e
Size

485KB
MD5

6602a9e8fb1bc6a2306b4cad3dc9fac5
SHA1

757790b59af62669e7e8631fb64ed0181c456959
SHA256

f77272c8799189b43b457d14080fd0d1e09fc259c4b6f6c5de69f86d09180a2e
SHA512

67f479af6d836cacd74be4657472c9d24c571245991444ef0a5a4663de0c31436badd0d5d864f5c911e6712c46c251adc7e07fcfc432f4a3937a07c34a127c9f
SSDEEP

3072:kxHp8ZCVDqpvH0kUCVGMQ+i3sfZm8bDc2rANs4fYiziGqiyOD50scmQOa6bdddda:6H2I8v0kUC4MQL3sfZtbDzQDHqiaZmQV

Score

N/A

Malware Config

Signatures

Files

f77272c8799189b43b457d14080fd0d1e09fc259c4b6f6c5de69f86d09180a2e
.exe windows x86

24d696577fda93f7e4fdfe18e76d0112

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
htonl
shutdown
send
htons
socket
ntohs
select
gethostname
recv
getpeername
closesocket
WSAGetLastError
accept
WSACleanup
listen
bind

kernel32

OpenMutexW
SetLastError
GetVersion
GetVersionExW
GetVersionExA
LocalAlloc
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
GetLocalTime
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetCurrentProcessId
GetCurrentProcess
GetTickCount
GetCurrentThreadId
OpenEventW
GetShortPathNameW
GetModuleFileNameA
GetLocaleInfoA
LoadLibraryA
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetCommandLineW
ResumeThread
Sleep
WaitForMultipleObjects
SetEvent
ReleaseMutex
LocalFree
FormatMessageW
GetLastError
WaitForSingleObject
PulseEvent
CreateMutexW
CreateEventW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetProcAddress
GetModuleFileNameW
FreeLibrary
LoadLibraryW
SetFilePointer
CloseHandle
CreateFileW
RtlUnwind
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
SetHandleCount
SetStdHandle
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
ExitProcess
HeapSize
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
ExitThread
CreateThread
HeapReAlloc
GetFileType
CreateFileA
GetProcessHeap
GetStartupInfoW
RaiseException
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
WriteFile
GetStdHandle

user32

wsprintfW

advapi32

InitializeSid
GetAclInformation
AddAce
InitializeAcl
MakeAbsoluteSD
IsValidSid
GetSecurityDescriptorControl
GetLengthSid
GetSecurityDescriptorLength
MakeSelfRelativeSD
GetSecurityDescriptorSacl
CopySid
GetSidSubAuthority
GetSecurityDescriptorDacl
GetSidLengthRequired
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
RegEnumValueW
RegFlushKey
QueryServiceLockStatusW
ControlService
UnlockServiceDatabase
QueryServiceStatus
StartServiceW
LockServiceDatabase
OpenServiceW
OpenSCManagerW
DeleteService
CloseServiceHandle
CreateServiceW
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerW
SetServiceStatus
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegEnumKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegQueryValueExW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegCloseKey

ole32

CoInitializeEx
CoCreateInstance
CoInitialize
CoUninitialize
StringFromGUID2

oleaut32

SysFreeString
SysAllocString
VariantClear

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

shlwapi

PathUnquoteSpacesW
PathFindFileNameW
PathFindFileNameA
PathQuoteSpacesW
HashData

Sections

.text
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 280KB - Virtual size: 277KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24d696577fda93f7e4fdfe18e76d0112

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

advapi32

ole32

oleaut32

version

shlwapi

Sections

.text Size: 144KB - Virtual size: 141KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 8KB - Virtual size: 17KB

.rsrc Size: 280KB - Virtual size: 277KB

.text
Size: 144KB - Virtual size: 141KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 8KB - Virtual size: 17KB

.rsrc
Size: 280KB - Virtual size: 277KB