2a5a4f35d51fdc8b66fe4bc44f6086be7b85b000787b7b363c9c508175c0f9b9

Sharing

Copy URL

Twitter E-mail

General

Target

2a5a4f35d51fdc8b66fe4bc44f6086be7b85b000787b7b363c9c508175c0f9b9
Size

133KB
MD5

6e9bf8f9aa683f5030b1705cfa2624af
SHA1

a796dbab7dc5ffccbd0eb7b523a51dc23c0da520
SHA256

2a5a4f35d51fdc8b66fe4bc44f6086be7b85b000787b7b363c9c508175c0f9b9
SHA512

edb47dc6c55af559c40f331f0e4812a2acd58deab9537a70fbdeb2ebc7af2cb4ea1fd77934c5a03c0c12724eff058cf5f465afaf134dd475712df8757bf10f4e
SSDEEP

3072:EWILTFjKOHelsEJYUsH+qV44HZNtgv8GIbvgTrlXIDUIS1w+BpTG/DH+DZ:3u5ej364Ur9vgTBXIAIGxRGSDZ

Score

N/A

Malware Config

Signatures

Files

2a5a4f35d51fdc8b66fe4bc44f6086be7b85b000787b7b363c9c508175c0f9b9
.exe windows x86

89aa21291862a6491da93eab6ecd7fdd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
LoadLibraryA
GetProcAddress
IsBadWritePtr
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
FatalAppExitA
LCMapStringA
EnterCriticalSection
InitializeCriticalSection
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetCurrentThread
GetLastError
TlsGetValue
SetLastError
LCMapStringW
GetStringTypeA
GetModuleHandleW
GetCommandLineW
GetVersion
WriteFile
SetFilePointer
CloseHandle
ExitProcess
LocalAlloc
LocalFree
LeaveCriticalSection
Sleep
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetStringTypeW
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA

user32

GetDlgCtrlID
FrameRect
GetDoubleClickTime
SetParent
SetCursor
WindowFromPoint
DispatchMessageW
TranslateMessage
GetMessageW
LoadIconA
IsClipboardFormatAvailable
GetClipboardData
CopyAcceleratorTableW
SetMenuItemInfoA
GetMenuItemInfoA
GetMessageTime
SetScrollInfo
ScrollWindow
GetTopWindow
GetSysColor
DrawTextW
CreateWindowExW
LockWindowUpdate
DrawIcon
SetForegroundWindow

advapi32

RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
SetServiceStatus
AdjustTokenPrivileges
LookupPrivilegeValueW
CloseServiceHandle
ControlService
RegDeleteKeyW
RegOpenKeyW
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
RegCloseKey

ws2_32

getsockname
htons
shutdown
setsockopt
getpeername
gethostname
gethostbyname
send
WSACleanup
socket
WSAStartup
sendto

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 26KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

89aa21291862a6491da93eab6ecd7fdd

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Sections

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 26KB - Virtual size: 86KB

.rsrc Size: 44KB - Virtual size: 140KB

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 26KB - Virtual size: 86KB

.rsrc
Size: 44KB - Virtual size: 140KB