628ab14af50d3f4ce426e17b9d2c085388584f24fe91ad349eec6005e7d00ba9

Sharing

Copy URL Twitter E-mail

General

Target

628ab14af50d3f4ce426e17b9d2c085388584f24fe91ad349eec6005e7d00ba9
Size

135KB
MD5

605f19a232efc34b0c9e99617e23f7ac
SHA1

cbc8ad67b3f8b26368e92395aec4db7b4d045e94
SHA256

628ab14af50d3f4ce426e17b9d2c085388584f24fe91ad349eec6005e7d00ba9
SHA512

a45cc5925bc1c94ff8c4d9a8b853e6ad38868bf0ef2a8705c5cad49fbbf9660084dad4444898a01fb10623c68e6bbab77a59b09b64cfd5515e1c7d620a5d223b
SSDEEP

3072:WMW/Bw6p/56DwWgrc7ttIyU1tZtnwKVpT:Wb/Bw6awWroyUzZfV

Score

N/A

Malware Config

Signatures

Files

628ab14af50d3f4ce426e17b9d2c085388584f24fe91ad349eec6005e7d00ba9
.exe windows x86

cefc32f8be44ac2f4f7663ef820d098f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
IsBadWritePtr
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
FatalAppExitA
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetCurrentThread
GetLastError
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
GetCommandLineW
GetVersion
WriteFile
SetFilePointer
CloseHandle
AllocConsole
InitializeCriticalSection
GetModuleFileNameW
GetEnvironmentStringsW
GetEnvironmentStrings
GetStringTypeW
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
GetCurrentProcess

user32

GetWindowTextA
SystemParametersInfoW
GetScrollRange
ShowScrollBar
GetDlgItemInt
SetDlgItemInt
LoadImageA
CreateCaret
SendMessageA
SendMessageTimeoutA
SetWindowTextA
EnumWindows
IsDialogMessageW
CallNextHookEx
GetClassNameW
DefWindowProcW
GetAsyncKeyState
GetWindowLongW
GetMessagePos
GetKeyNameTextA
DestroyWindow
GetWindowTextLengthA
RegisterClassExA
GetClassInfoExA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
CheckRadioButton
EndDialog
SendDlgItemMessageW
OffsetRect
GetWindowTextLengthW

advapi32

RegOpenKeyExW
RegQueryValueExW
StartServiceCtrlDispatcherW
RegSetValueExW
RegEnumKeyW
RegisterServiceCtrlHandlerW
RegCloseKey

ws2_32

WSAWaitForMultipleEvents
send
WSACleanup
socket
WSAStartup
WSAEnumNetworkEvents
WSAAddressToStringA

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cefc32f8be44ac2f4f7663ef820d098f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 42KB - Virtual size: 97KB

.rsrc Size: 68KB - Virtual size: 144KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 42KB - Virtual size: 97KB

.rsrc
Size: 68KB - Virtual size: 144KB