7e2ad68481a1783222e588a87c8c4c1254063ca2be548ea126820e6adcf25b7b

Sharing

Copy URL Twitter E-mail

General

Target

7e2ad68481a1783222e588a87c8c4c1254063ca2be548ea126820e6adcf25b7b
Size

31KB
MD5

91da942f8566301dabed784fae847560
SHA1

e4a5ddc07d93a52285b2a29d2a1e2532ca01164c
SHA256

7e2ad68481a1783222e588a87c8c4c1254063ca2be548ea126820e6adcf25b7b
SHA512

109cdbade4839bab9049e369c4f3724fb5e4af014c2dd9d4c3ca590df8dfdd4bc66942415c4f7c94c60c6915aa65ca339859021e8537b598e1f6418cdc7931a4
SSDEEP

768:mKJX4TdiFJUKY7atYsdpyhuxgB5UZ51RiuiVflSw7:tW4FJUKFYsdptQ5UZ51RiuiJl3

Score

N/A

Malware Config

Signatures

Files

7e2ad68481a1783222e588a87c8c4c1254063ca2be548ea126820e6adcf25b7b
.exe windows x86

1b1b61762c1a4cc61a0e5cc8ddaf4732

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
CloseHandle
WaitForSingleObject
FindClose
WriteFile
FindFirstFileA
ReadFile
VirtualAlloc
GetFileSize
CreateFileA
GetModuleFileNameA
ResumeThread
CreateProcessA
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetEnvironmentVariableA
GetShortPathNameA
GetSystemInfo
LoadResource
SizeofResource
FindResourceA
EnumResourceNamesA
EndUpdateResourceA
lstrlenA
UpdateResourceA
BeginUpdateResourceA
GlobalFree
GlobalAlloc
GetFileAttributesA
ExitProcess
GetLastError
CreateMutexA
CopyFileA
GetModuleHandleA
GlobalMemoryStatusEx
GetSystemDefaultUILanguage
GetCurrentProcessId
ExitThread
LoadLibraryA
Sleep
GetProcAddress
GetSystemDirectoryA
lstrcatA
lstrcpyA
GetTickCount
LockResource
GetStartupInfoA

user32

wsprintfA

advapi32

OpenServiceA
StartServiceA
RegOpenKeyA
RegSetValueExA
CloseServiceHandle
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenSCManagerA
CreateServiceA

ws2_32

select
__WSAFDIsSet
recv
send
socket
connect
gethostname
inet_ntoa
WSAStartup
WSASocketA
WSAGetLastError
setsockopt
htons
htonl
sendto
closesocket
WSACleanup
inet_addr
gethostbyname

iphlpapi

GetIfTable

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_onexit
__dllonexit
??3@YAXPAX@Z
strncmp
exit
atoi
time
localtime
strcat
strstr
malloc
rand
sprintf
memset
printf
fprintf
_iob
memcpy
_except_handler3
_local_unwind2
strlen
??2@YAPAXI@Z
strcpy
_ftol
free

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b1b61762c1a4cc61a0e5cc8ddaf4732

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

iphlpapi

msvcrt

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 11KB - Virtual size: 11KB