361e0a6799c3d6e176c564d506d2f5e9618f1fddc29c15891e4f556a6be82311

Sharing

Copy URL Twitter E-mail

General

Target

361e0a6799c3d6e176c564d506d2f5e9618f1fddc29c15891e4f556a6be82311
Size

57KB
MD5

6d71e979535bc91afc8a2cf31e5835b0
SHA1

5ff4ce9959824a8179eb680578f8b4930e765154
SHA256

361e0a6799c3d6e176c564d506d2f5e9618f1fddc29c15891e4f556a6be82311
SHA512

0fd3d98134c3f7c4aee16a5301f651ae89488a6b03b28a308394a26523769a53f87e131e25012a3e1e2fc9505a5e50c3ea54c065ba2e3de00ca3009e87f3434a
SSDEEP

768:7B1R9bW7+g2kf+Y5Fx75AvOmN7/LFtMbmRZP1mHXcayml:PR9c2kfxdivOmtLIM6Mayml

Score

N/A

Malware Config

Signatures

Files

361e0a6799c3d6e176c564d506d2f5e9618f1fddc29c15891e4f556a6be82311
.exe windows x86

73544fee8e21f2116619c3414b7ee7c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLangID
GetSystemDefaultLCID
GetACP
GetComputerNameA
GetCurrentThreadId
lstrlenW
GetLocalTime
FileTimeToSystemTime
CreateDirectoryA
GetTempPathA
FreeLibrary
LoadResource
FindResourceA
lstrlenA
MoveFileA
GetSystemInfo
IsBadCodePtr
GetOEMCP
RaiseException
GetSystemTime
TlsAlloc
SetUnhandledExceptionFilter
GetModuleHandleA
CreateMutexA
GetProcAddress

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

rpcrt4

UuidCreate

ws2_32

setsockopt
shutdown
closesocket
accept
WSAStartup
socket
htons
ioctlsocket
connect
getsockopt
inet_addr
gethostbyname
recv
select
WSAGetLastError
send

resutils

ResUtilVerifyService
ResUtilStartResourceService
ClusWorkerTerminate
ResUtilAddUnknownProperties
ResUtilSetSzValue
ResUtilDupString
ResUtilStopResourceService

qedit

DllCanUnloadNow
DllUnregisterServer
DllRegisterServer

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qWPeqe
Size: 5KB - Virtual size: 804KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PaX
Size: 5KB - Virtual size: 594KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Bo
Size: 4KB - Virtual size: 677KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fFH
Size: 6KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bZJ
Size: 1024B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.IsSxVX
Size: 3KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.z
Size: 6KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73544fee8e21f2116619c3414b7ee7c0

Headers

File Characteristics

Imports

kernel32

advapi32

rpcrt4

ws2_32

resutils

qedit

Sections

.text Size: 15KB - Virtual size: 14KB

.qWPeqe Size: 5KB - Virtual size: 804KB

.rdata Size: 1KB - Virtual size: 27KB

.PaX Size: 5KB - Virtual size: 594KB

.Bo Size: 4KB - Virtual size: 677KB

.fFH Size: 6KB - Virtual size: 24KB

.bZJ Size: 1024B - Virtual size: 11KB

.IsSxVX Size: 3KB - Virtual size: 184KB

.data Size: 6KB - Virtual size: 233KB

.z Size: 6KB - Virtual size: 35KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 14KB

.qWPeqe
Size: 5KB - Virtual size: 804KB

.rdata
Size: 1KB - Virtual size: 27KB

.PaX
Size: 5KB - Virtual size: 594KB

.Bo
Size: 4KB - Virtual size: 677KB

.fFH
Size: 6KB - Virtual size: 24KB

.bZJ
Size: 1024B - Virtual size: 11KB

.IsSxVX
Size: 3KB - Virtual size: 184KB

.data
Size: 6KB - Virtual size: 233KB

.z
Size: 6KB - Virtual size: 35KB

.rsrc
Size: 2KB - Virtual size: 1KB