6e4743554d68460cdebd4ceed454d72ccb8bc5cfb8d3a90425cf87ffc24d440d

Sharing

Copy URL Twitter E-mail

General

Target

6e4743554d68460cdebd4ceed454d72ccb8bc5cfb8d3a90425cf87ffc24d440d
Size

68KB
MD5

68ff1c5f307aab66753883c909da02e2
SHA1

8dd761d58402c4b836d382817e6ccd7c03dbd649
SHA256

6e4743554d68460cdebd4ceed454d72ccb8bc5cfb8d3a90425cf87ffc24d440d
SHA512

cf759430360c0caf44e0e8fc7a103ff8d27ed4e952cc5408ddf8ddac0030737da2725555b861778431352a565efc25cdf272f3b1c0080ab48643ce79c4ec7d18
SSDEEP

768:vI6U4JCiGqeg8fD4oDTsOdqUCmZ9hstQM8SSTRAL+f962pZHSPjwMvz6mw24u997:QAr8Eo0Odqqyj3STSqfYsyPpUok

Score

N/A

Malware Config

Signatures

Files

6e4743554d68460cdebd4ceed454d72ccb8bc5cfb8d3a90425cf87ffc24d440d
.dll windows x86

e247daf68e205761b43dd51d90f9d65a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
CloseHandle
CreateProcessA
GetStartupInfoA
CreatePipe
GetLogicalDriveStringsA
Process32Next
Process32First
GetLocalTime
TerminateProcess
OpenProcess
DeleteFileA
GetModuleFileNameA
GetTickCount
GetSystemDirectoryA
Sleep
ExitThread
CreateToolhelp32Snapshot
CreateThread
LCMapStringW
LCMapStringA
SetEndOfFile
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
CreateFileA
ExitProcess
GetCurrentProcess
GetCommandLineA
GetVersion
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
HeapFree
GetLastError
InitializeCriticalSection
WriteFile
DeleteCriticalSection
SetHandleCount
GetStdHandle
GetFileType
SetFilePointer
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
RtlUnwind
SetStdHandle
FlushFileBuffers
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

advapi32

GetUserNameA

shell32

ShellExecuteA

ws2_32

__WSAFDIsSet
recvfrom
inet_addr
recv
send
socket
select
WSAStartup
htons
connect
gethostbyname
inet_ntoa
gethostname
closesocket
ioctlsocket
setsockopt

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e247daf68e205761b43dd51d90f9d65a

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

ws2_32

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 18KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 18KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB