de1332b87492750e25e54fbb36a1cf44e43accb458ef97763dfe2cf42301bfee

Sharing

Copy URL Twitter E-mail

General

Target

de1332b87492750e25e54fbb36a1cf44e43accb458ef97763dfe2cf42301bfee
Size

584KB
MD5

7b4fb5632b01f65416c19688d9b61c29
SHA1

9f81d8c613cead0fa983147652664c2b3c1cd602
SHA256

de1332b87492750e25e54fbb36a1cf44e43accb458ef97763dfe2cf42301bfee
SHA512

5c8cfbb2a9108bc33a7fb15ba651f7b8caf397cc4ea6f103a2ed3f8736c686e705dbd3564015eb64ba43fb2aafb60dbbab93cdaad3e1e2c96fdf7435c803843a
SSDEEP

12288:U6i6Mwnm4AWufWfUfRttShryumE5i3isuNvKpGRoOvJ1q:JFRnmYufPfRtUhryXoiGdvLq

Score

N/A

Malware Config

Signatures

Files

de1332b87492750e25e54fbb36a1cf44e43accb458ef97763dfe2cf42301bfee
.exe windows x86

94495037647863464baaf42f3dcbabfc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

getpeername
inet_addr
WSAStartup
WSACleanup
setsockopt
socket
closesocket
shutdown
bind
htonl
htons
inet_ntoa
recv
__WSAFDIsSet
send
WSAGetLastError
getsockname
gethostbyname
select
accept
listen
ioctlsocket
connect

kernel32

GetComputerNameA
ReadFile
SystemTimeToFileTime
GetSystemTime
GetTickCount
GlobalAddAtomA
GlobalDeleteAtom
GetVersionExA
GlobalUnlock
GlobalLock
GlobalAlloc
GetSystemDirectoryA
OpenProcess
CreateProcessA
GetModuleFileNameA
Sleep
GetEnvironmentVariableA
SetLastError
ExitThread
CreateThread
RaiseException
GetVersion
GetStartupInfoA
GetModuleHandleA
TerminateProcess
ExitProcess
InterlockedIncrement
SetErrorMode
GetLocalTime
GetTimeZoneInformation
HeapFree
HeapAlloc
RtlUnwind
InterlockedExchange
TlsGetValue
ResumeThread
TlsAlloc
GetCurrentProcess
GetCurrentThread
DuplicateHandle
TlsSetValue
SetThreadPriority
CreateSemaphoreA
ReleaseSemaphore
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
HeapSize
WideCharToMultiByte
MultiByteToWideChar
GetLogicalDriveStringsA
FindFirstFileA
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
FindNextFileA
FindClose
SetFileTime
CreateDirectoryA
GetCurrentProcessId
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentThreadId
GetLastError
GetPrivateProfileStringA
WritePrivateProfileStringA
lstrcpyA
GetCommandLineA
GetCurrentDirectoryA
OutputDebugStringA
GetStdHandle
WriteConsoleA
WriteFile
CloseHandle
DeleteFileA
MoveFileA
CreateFileA
SetFilePointer
SetEndOfFile
AllocConsole
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
HeapDestroy
GetEnvironmentStringsW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetCPInfo
FlushFileBuffers
GetACP
GetOEMCP
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetStdHandle
InterlockedDecrement

user32

GetClipboardOwner
MapVirtualKeyA
GetAsyncKeyState
VkKeyScanA
LoadMenuA
LoadIconA
DestroyMenu
GetMenuItemID
TrackPopupMenu
SetMenuDefaultItem
GetSubMenu
CheckMenuItem
GetMenuState
MapWindowPoints
CreateDialogParamA
ExitWindowsEx
GetUserObjectInformationA
GetProcessWindowStation
IsIconic
GetWindow
PostThreadMessageA
TranslateMessage
GetMessageA
EnumWindows
GetPropA
IsWindowVisible
SetPropA
RemovePropA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetIconInfo
DrawIconEx
SetClipboardViewer
GetClipboardData
OpenDesktopA
EnumDesktopWindows
SystemParametersInfoA
FindWindowA
KillTimer
ChangeClipboardChain
InvalidateRect
PeekMessageA
GetClientRect
DispatchMessageA
RegisterWindowMessageA
GetCursorPos
IntersectRect
mouse_event
GetKeyboardState
keybd_event
SetTimer
GetForegroundWindow
MessageBeep
EndDialog
DialogBoxParamA
EnumDisplaySettingsA
GetThreadDesktop
SetThreadDesktop
OpenInputDesktop
ChangeDisplaySettingsExA
CloseDesktop
GetDC
GetWindowTextA
GetClassNameA
GetWindowDC
ReleaseDC
LoadImageA
DestroyCursor
CallWindowProcA
GetParent
ChangeDisplaySettingsA
PostQuitMessage
WindowFromPoint
IsChild
LoadBitmapA
SetWindowTextA
GetDesktopWindow
EqualRect
IsRectEmpty
SetForegroundWindow
GetWindowPlacement
SetWindowRgn
InflateRect
PtInRect
GetWindowRgn
InvalidateRgn
ShowWindow
GetWindowLongA
GetCapture
ClientToScreen
GetWindowRect
SetWindowPos
UpdateWindow
LoadCursorA
SetCursor
BeginPaint
OffsetRect
FillRect
SetRect
EndPaint
SetCapture
ClipCursor
GetSystemMetrics
PostMessageA
DefWindowProcA
ReleaseCapture
DestroyWindow
RegisterClassExA
CreateWindowExA
SetWindowLongA
GetDlgItemTextA
SetDlgItemInt
MessageBoxA
GetDlgItemInt
SetDlgItemTextA
GetFocus
SetFocus
SendMessageA
SendDlgItemMessageA
GetDlgItem
EnableWindow
WaitMessage

gdi32

GetRegionData
GetObjectA
GetBitmapBits
GdiFlush
SelectObject
BitBlt
CreateDIBSection
GetStockObject
CreatePalette
SelectPalette
RealizePalette
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
GetDIBits
DeleteDC
ExtEscape
GetSystemPaletteEntries
SetROP2
FrameRgn
CreateRectRgnIndirect
CombineRgn
CreateRectRgn
CreateHatchBrush
DeleteObject
CreateSolidBrush

advapi32

RegCloseKey
RegCreateKeyA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
SetServiceStatus
OpenServiceA
ControlService
QueryServiceStatus
DeleteService
RegOpenKeyA
RegDeleteValueA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
OpenProcessToken
ImpersonateLoggedOnUser
RevertToSelf
GetUserNameA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

comctl32

ord17

zrtshks

SetMouseFilterHook
SetKeyboardFilterHook
SetHook
UnSetHook
SetMousePriorityLLHook
SetKeyboardPriorityLLHook
SetMousePriorityHook
SetKeyboardPriorityHook

Sections

.text
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 48KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 276KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

94495037647863464baaf42f3dcbabfc

Headers

File Characteristics

Imports

wsock32

kernel32

user32

gdi32

advapi32

ole32

comctl32

zrtshks

Sections

.text Size: 232KB - Virtual size: 231KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 48KB - Virtual size: 56KB

.rsrc Size: 276KB - Virtual size: 276KB

.text
Size: 232KB - Virtual size: 231KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 48KB - Virtual size: 56KB

.rsrc
Size: 276KB - Virtual size: 276KB