44dd22bc2c389f8a2e1eb9e739c839acdfa1ae42df768e3d5f972c885808980e

Sharing

Copy URL Twitter E-mail

General

Target

44dd22bc2c389f8a2e1eb9e739c839acdfa1ae42df768e3d5f972c885808980e
Size

324KB
MD5

21c7140e34f47bab2c119fe3e33e37a0
SHA1

fca17dc363b031e54a0d4ffcf19feed57c26390f
SHA256

44dd22bc2c389f8a2e1eb9e739c839acdfa1ae42df768e3d5f972c885808980e
SHA512

330cc3a49197256fbfb2d74a5e59804f43a54c4def0c6870a1f6606ae2e40d96f8db26c8c470dcab8111a39d53d23643cb5ef7a9741417ac9242550dbddcea7c
SSDEEP

6144:R2BUIgCSxEkWx4LK2v3uUVhdlgwQyX4fWuWCakGHoekZP:RQUIgnxEk1KenVhqyX4f+CakxZP

Score

N/A

Malware Config

Signatures

Files

44dd22bc2c389f8a2e1eb9e739c839acdfa1ae42df768e3d5f972c885808980e
.exe windows x86

0fed4ffa8b6649b7f6bab355ea6a4a62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleUninitialize
OleInitialize

ws2_32

connect
WSAStartup
WSAConnect
WSACleanup
bind
socket
WSAGetOverlappedResult
closesocket
WSASocketA
accept

crypt32

CryptEncodeObject
CryptImportPublicKeyInfo
CertGetCertificateChain
CertFindCertificateInStore
CertAddCertificateContextToStore
CertFreeCertificateContext
CertFreeCertificateChain
CryptDecodeObject
CryptAcquireCertificatePrivateKey
CertCreateCertificateContext
CertVerifyCertificateChainPolicy
CryptHashPublicKeyInfo

kernel32

GetLocaleInfoA
GetStringTypeW
UnhandledExceptionFilter
InterlockedIncrement
InterlockedCompareExchange
SetTapeParameters
VirtualFree
GetFileAttributesA
GetEnvironmentVariableA
GetShortPathNameA
CreateDirectoryA
VirtualAlloc
CopyFileA
GetTempFileNameA
ResetEvent
FindNextChangeNotification
GetSystemInfo
WaitForMultipleObjects
FindFirstChangeNotificationA
VirtualProtect
DeleteFileA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
ExitProcess
GetProcAddress
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsAlloc
SetLastError
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
HeapDestroy
HeapCreate
HeapFree
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
InitializeCriticalSection
HeapReAlloc
RtlUnwind
InterlockedExchange
VirtualQuery
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA

Sections

.text
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 137KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0fed4ffa8b6649b7f6bab355ea6a4a62

Headers

File Characteristics

Imports

ole32

ws2_32

crypt32

kernel32

Sections

.text Size: 79KB - Virtual size: 79KB

.rdata Size: 106KB - Virtual size: 105KB

.data Size: 137KB - Virtual size: 428KB

.text
Size: 79KB - Virtual size: 79KB

.rdata
Size: 106KB - Virtual size: 105KB

.data
Size: 137KB - Virtual size: 428KB