01d8309303be2f9cc334d8df5a5e6d584fe7758035b7170a873d82324aa496fa

General

Target

01d8309303be2f9cc334d8df5a5e6d584fe7758035b7170a873d82324aa496fa
Size

40KB
MD5

641395ee9177d1e9e11ec1e4fda1db50
SHA1

8673564ded19c831c9f23a7046fadd36d57a7eda
SHA256

01d8309303be2f9cc334d8df5a5e6d584fe7758035b7170a873d82324aa496fa
SHA512

f229757070294acbec60675684b8311452e727bbfcc090a3a2c9b8556e8fcf1bbc590e5113df96a6ddcfdfea3bf1f4d68aea8c98781fed9d9f9c789ebafd4ecc
SSDEEP

384:HAWMC0qKQ8dAmqaBdm9PDnUNoXWo/CpQUzLwDftDYy1ACt3sHSMXxVlg:UC/KHdAmRBdYDnUSGoaPYM3Ct3dM7lg

Score

N/A

Malware Config

Signatures

Files

01d8309303be2f9cc334d8df5a5e6d584fe7758035b7170a873d82324aa496fa
.exe windows x86

d774861e021ebc583dd407cfd1e2d884

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
CopyFileA
ExitProcess
CreateMutexA
GetWindowsDirectoryA
CreateThread
WaitForSingleObject
Sleep
GetTempPathA
WinExec
OpenMutexA
GetLastError
ReleaseMutex
CloseHandle
GetModuleFileNameA
SetFileAttributesA
DeleteFileA
lstrlenA
lstrcatA
LoadLibraryA
GetProcAddress
LCMapStringA
HeapAlloc
HeapReAlloc
LCMapStringW
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
WriteFile
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
RtlUnwind
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount

user32

wsprintfA

advapi32

OpenSCManagerA
OpenServiceA
DeleteService
RegCreateKeyA
RegSetValueExA
RegQueryValueExA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegCloseKey
RegOpenKeyA

ws2_32

WSAStartup
send
select
__WSAFDIsSet
recv
setsockopt
WSAIoctl
htons
socket
connect
closesocket
gethostbyname
inet_addr

urlmon

URLDownloadToFileA

shlwapi

PathRemoveFileSpecA

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d774861e021ebc583dd407cfd1e2d884

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

urlmon

shlwapi

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 12KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 12KB