41a693601d454361d4fd1603376c6bea33bf6cce0879a266284fcb3f2ee1beaa

Sharing

Copy URL Twitter E-mail

General

Target

41a693601d454361d4fd1603376c6bea33bf6cce0879a266284fcb3f2ee1beaa
Size

152KB
MD5

62e6c9e1b718ab55fd15acb73039c7c0
SHA1

ec9df79c347f23085bd2dd06f5c0d48b051e2a73
SHA256

41a693601d454361d4fd1603376c6bea33bf6cce0879a266284fcb3f2ee1beaa
SHA512

ac80f2eb9d65bc447a5b8a421311475c56d8996d7b7318c0495413c4712d9a369e593bdbaabf0afabebe4f41cfeaa3f573ec7d04f17f05f9564e34b925dd24bd
SSDEEP

3072:wMSSDz87HTn3u7RPQ6/+4mPgt50GPgA8JichW7vJFO9FViDLM8N3MgAUgAsa:3P87HbemA+4mPgt50GIA8Jich+vJFgFX

Score

N/A

Malware Config

Signatures

Files

41a693601d454361d4fd1603376c6bea33bf6cce0879a266284fcb3f2ee1beaa
.exe windows x86

c3a0595e3fb2d9861b96ef16498d5e3a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

sendto
recvfrom
inet_addr
gethostbyname
htons
select
__WSAFDIsSet
getsockopt
ioctlsocket
connect
getservbyname
closesocket
ntohs
send
recv
bind
socket

iphlpapi

GetNetworkParams

kernel32

GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
FreeLibrary
GetSystemTimeAsFileTime
Sleep
SetConsoleCtrlHandler
GetExitCodeThread
WaitForSingleObject
GetModuleFileNameA
FlushViewOfFile
GetCurrentThreadId
CloseHandle
GetCurrentProcessId
GetFileInformationByHandle
GetTempPathA
CreateThread
CreateFileA
MapViewOfFile
GetLastError
UnmapViewOfFile
GetProcAddress
InterlockedExchange
LoadLibraryA
GetCurrentProcess
CreateFileMappingA
SetErrorMode
SetUnhandledExceptionFilter
GlobalFree
GlobalAlloc
SetEvent
CreateEventA

advapi32

RegisterServiceCtrlHandlerA
RegOpenKeyExA
RegQueryValueExA
OpenServiceA
CloseServiceHandle
StartServiceCtrlDispatcherA
DeleteService
SetServiceStatus
CreateServiceA
RegCloseKey
OpenSCManagerA

libclamav

ord214
ord103
ord91
ord215
cl_retdbdir
ord177
ord142
ord154
ord102
ord252
ord156
ord155
ord119
ord60
ord61
cw_disablefsredir
ord53
cw_perror
ord104
ord364
ord90
cl_cvdverify
ord71
cl_load
ord109
cl_cvdparse
ord254
cl_cvdfree
cw_getaddrinfo
cw_gai_strerror
ord113
cw_freeaddrinfo
cl_cvdhead
cl_engine_free
ord137
cl_engine_new
ord70
cl_retflevel
ord253
ord72
ord250
cw_rmdirs
ord52
ord105
ord128
ord118
ord138
ord172
cl_init
cl_debug
cl_strerror
cw_strerror
cl_set_clcb_msg
cw_unlink
ord171
cw_stat
ord170
ord134
ord251

msvcr80

_mkdir
memset
sprintf
fflush
atoi
_strnicmp
strrchr
_ctime64
_gmtime64
strncmp
qsort
strncpy
_open
_access
_write
_umask
_getcwd
_chdir
_getpid
_spawnlp
_read
malloc
_time64
strstr
_close
strftime
strchr
memcpy
_controlfp_s
_invoke_watson
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
_crt_debugger_hook
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__initenv
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
memchr
memmove
fgets
fputs
fopen
_dup
_lseek
_fstat64i32
calloc
fputc
_strdup
srand
rand
clock
_setmode
_fileno
strncat
abort
_ftime64
realloc
sscanf
exit
system
fprintf
__iob_func
_errno
free
printf
fclose
rename

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kzatzjl
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c3a0595e3fb2d9861b96ef16498d5e3a

Headers

File Characteristics

Imports

ws2_32

iphlpapi

kernel32

advapi32

libclamav

msvcr80

Sections

.text Size: 48KB - Virtual size: 48KB

.rdata Size: 40KB - Virtual size: 37KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 56KB - Virtual size: 56KB

kzatzjl Size: - Virtual size: 4KB

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 40KB - Virtual size: 37KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 56KB - Virtual size: 56KB

kzatzjl
Size: - Virtual size: 4KB