5b5336667c8cecf3520ce929eaef099686b834c6f61b95ebcc8fe8b45747df7e

Sharing

Copy URL Twitter E-mail

General

Target

5b5336667c8cecf3520ce929eaef099686b834c6f61b95ebcc8fe8b45747df7e
Size

440KB
MD5

04e1d99414d9789dcd5531863e3623bb
SHA1

3d830880b365a72fd6b95d1793275f616556371d
SHA256

5b5336667c8cecf3520ce929eaef099686b834c6f61b95ebcc8fe8b45747df7e
SHA512

57f826da57b6489e0ce9c67a93029a5a4c6c6ed961c188fa2bdb5c82044dc37601f68a7d2364f5e4fc69bb3d97416192722b95ae12c234a3110a6ae62f7bb5b7
SSDEEP

6144:xNy6C9RCO/DTgAbehLQq2UM7Je4kv0HO883Si5/0A:GTGhLR2UM7A4S0S3S0/0

Score

N/A

Malware Config

Signatures

Files

5b5336667c8cecf3520ce929eaef099686b834c6f61b95ebcc8fe8b45747df7e
.exe windows x86

76506ee3413225d254fb2c46479e269b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
GetVolumeInformationA
Sleep
GetEnvironmentVariableA
CreateDirectoryA
SetCurrentDirectoryA
GetLogicalDriveStringsA
GetLastError
SetFileAttributesA
GetCurrentDirectoryA
SetErrorMode
CreateThread
PeekNamedPipe
GetExitCodeProcess
CreateProcessA
TerminateProcess
ReadFile
GetStartupInfoA
CreatePipe
GetVersionExA
GetModuleFileNameA
ExitProcess
LoadLibraryA
CloseHandle
VirtualProtect
WriteFile
SetFilePointer
WinExec
CreateFileA
SetEndOfFile
CreateFileW
GetStringTypeW
FlushFileBuffers
LCMapStringW
SetStdHandle
HeapAlloc
HeapQueryInformation
HeapSize
HeapReAlloc
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
RaiseException
RtlUnwind
GetModuleFileNameW
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
HeapValidate
GetSystemInfo
EnterCriticalSection
LeaveCriticalSection
GetConsoleMode
ReadConsoleW
SetLastError
GetCurrentThreadId
GetStdHandle
DeleteCriticalSection
SetFilePointerEx
GetFileType
GetStartupInfoW
GetFileAttributesExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
DeleteFileW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
GetConsoleCP
GetProcessHeap
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
OutputDebugStringW
WaitForSingleObjectEx
LoadLibraryExW
OutputDebugStringA
WriteConsoleW
FreeLibrary
HeapFree
VirtualQuery

user32

EnumWindows
GetClassNameA

advapi32

InitializeSecurityDescriptor
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExA
RegQueryInfoKeyA
SetSecurityDescriptorDacl

shell32

ShellExecuteA
SHFileOperationA

ws2_32

recv
socket
closesocket
gethostbyname
send
connect
WSACleanup
htons
inet_addr
WSAStartup
__WSAFDIsSet
select
ioctlsocket
getpeername
recvfrom
sendto
WSAGetLastError
getaddrinfo
freeaddrinfo
inet_ntoa

winmm

timeGetTime

Sections

.text
Size: 354KB - Virtual size: 353KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

76506ee3413225d254fb2c46479e269b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

winmm

Sections

.text Size: 354KB - Virtual size: 353KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 8KB - Virtual size: 113KB

.rsrc Size: 512B - Virtual size: 480B

.text
Size: 354KB - Virtual size: 353KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 8KB - Virtual size: 113KB

.rsrc
Size: 512B - Virtual size: 480B