84824f2cb85d0f0777aaf5a87f696642df66faeb1be657c5cbfabfedc56e3f60

Sharing

Copy URL

Twitter E-mail

General

Target

84824f2cb85d0f0777aaf5a87f696642df66faeb1be657c5cbfabfedc56e3f60
Size

212KB
MD5

634dfb488fb2a71a17ac0d45113c7143
SHA1

c3cfe6b97bc8cc3dcf6c20c9742a48d9b008fb24
SHA256

84824f2cb85d0f0777aaf5a87f696642df66faeb1be657c5cbfabfedc56e3f60
SHA512

8748a7fcdc9700d657873063fd9df65e3eab03421250b24bb63b3f1648a03d63906194d8fc7dafddc950ca039c16739da9f2266807ef478e58498cfef9ab1fe9
SSDEEP

6144:5Vdf/dN3C91JP4VkKn+mQV1BrP5ewK8XcpDdj/k/3VY:3Fr3C91JAVB+mCFW8Mpp/k/3VY

Score

N/A

Malware Config

Signatures

Files

84824f2cb85d0f0777aaf5a87f696642df66faeb1be657c5cbfabfedc56e3f60
.exe windows x86

50e71e1f7a5f2e704d956f63cf1d1662

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseSemaphore
lstrcpyW
lstrcpyA
DeleteCriticalSection
IsBadCodePtr
GlobalAlloc
GlobalHandle
GetFileSize
HeapAlloc
FreeLibrary
SetFilePointer
GetCurrentProcess
InterlockedExchange
WriteFile
GetFileAttributesW
CreateThread
SetThreadPriority
WaitForSingleObject
GetProfileIntA
GetStartupInfoA
lstrcmpiW
CreateFileW
HeapFree
GetThreadPriority
lstrlenA
GetVersionExW
lstrcmpW
IsBadReadPtr
VirtualFree
GetSystemDefaultLangID
MulDiv
GetDiskFreeSpaceW
InitializeCriticalSection
MultiByteToWideChar
GetCurrentProcessId
GetLastError
GetQueuedCompletionStatus
GlobalMemoryStatus
lstrcpynW
GetProcessHeap
LeaveCriticalSection
ResetEvent
GlobalLock
SetEndOfFile
SetEvent
GetPrivateProfileStringW
GetProcAddress
ReadFile
IsBadWritePtr
CloseHandle
GetCurrentThread
GlobalUnlock
GetSystemTimeAsFileTime
CreateEventW
lstrlenW
EnterCriticalSection
WaitForMultipleObjects
GlobalFree
SetUnhandledExceptionFilter
InterlockedIncrement
OutputDebugStringW
LoadLibraryW
WideCharToMultiByte
GetEnvironmentStringsW
GetTickCount
QueryPerformanceCounter
GetModuleFileNameA
CreateSemaphoreW
InterlockedDecrement
GetFullPathNameW

user32

LoadCursorW
DispatchMessageW
PeekMessageW
ShowWindow
GetDC
GetAsyncKeyState
TranslateMessage
MoveWindow
IsWindowVisible
SetWindowLongW
DestroyWindow
SetCursor
EnableWindow
CheckRadioButton
IsRectEmpty
GetDlgItem
IsWindow
DefWindowProcW
GetDlgItemInt
SendMessageW
CreateDialogParamW
InvalidateRect
GetDesktopWindow
GetWindowLongW
ReleaseDC
GetClientRect
GetWindowRect
SetDlgItemInt
CheckDlgButton
LoadStringW
ClientToScreen
SetDlgItemTextW

netshell

DllGetClassObject
StartNCW
NcIsValidConnectionName

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50e71e1f7a5f2e704d956f63cf1d1662

Headers

File Characteristics

Imports

kernel32

user32

netshell

Sections

.text Size: 86KB - Virtual size: 86KB

.rdata Size: 85KB - Virtual size: 85KB

.data Size: 35KB - Virtual size: 6.1MB

.rsrc Size: 1024B - Virtual size: 984B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 86KB - Virtual size: 86KB

.rdata
Size: 85KB - Virtual size: 85KB

.data
Size: 35KB - Virtual size: 6.1MB

.rsrc
Size: 1024B - Virtual size: 984B

.reloc
Size: 2KB - Virtual size: 1KB