9a49bd83ed832f1f780ad095e8f0b472ae60a798672d872f4d1bfe8f103589c9

Sharing

Copy URL Twitter E-mail

General

Target

9a49bd83ed832f1f780ad095e8f0b472ae60a798672d872f4d1bfe8f103589c9
Size

440KB
MD5

4d8fd92f584207a18bbe6e32d1a6c633
SHA1

deec6512a16fecc1fa5c82d6e3a2a9d9cb258682
SHA256

9a49bd83ed832f1f780ad095e8f0b472ae60a798672d872f4d1bfe8f103589c9
SHA512

9d240583b2b77d77676dc01636729cb65742038f57e7f9bc21d697a4e9d831a49ae204d62e40e8b073acd89271c810c50f73c1fab0ce9e8d4638ea8252b13b33
SSDEEP

6144:xNy6C9RgwTc9ZAbehLQq2UM7Je4kv0HO883Si5/0t/:xH5hLR2UM7A4S0S3S0/0t

Score

N/A

Malware Config

Signatures

Files

9a49bd83ed832f1f780ad095e8f0b472ae60a798672d872f4d1bfe8f103589c9
.exe windows x86

76506ee3413225d254fb2c46479e269b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
GetVolumeInformationA
Sleep
GetEnvironmentVariableA
CreateDirectoryA
SetCurrentDirectoryA
GetLogicalDriveStringsA
GetLastError
SetFileAttributesA
GetCurrentDirectoryA
SetErrorMode
CreateThread
PeekNamedPipe
GetExitCodeProcess
CreateProcessA
TerminateProcess
ReadFile
GetStartupInfoA
CreatePipe
GetVersionExA
GetModuleFileNameA
ExitProcess
LoadLibraryA
CloseHandle
VirtualProtect
WriteFile
SetFilePointer
WinExec
CreateFileA
SetEndOfFile
CreateFileW
GetStringTypeW
FlushFileBuffers
LCMapStringW
SetStdHandle
HeapAlloc
HeapQueryInformation
HeapSize
HeapReAlloc
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
RaiseException
RtlUnwind
GetModuleFileNameW
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
HeapValidate
GetSystemInfo
EnterCriticalSection
LeaveCriticalSection
GetConsoleMode
ReadConsoleW
SetLastError
GetCurrentThreadId
GetStdHandle
DeleteCriticalSection
SetFilePointerEx
GetFileType
GetStartupInfoW
GetFileAttributesExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
DeleteFileW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
GetConsoleCP
GetProcessHeap
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
OutputDebugStringW
WaitForSingleObjectEx
LoadLibraryExW
OutputDebugStringA
WriteConsoleW
FreeLibrary
HeapFree
VirtualQuery

user32

EnumWindows
GetClassNameA

advapi32

InitializeSecurityDescriptor
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExA
RegQueryInfoKeyA
SetSecurityDescriptorDacl

shell32

ShellExecuteA
SHFileOperationA

ws2_32

recv
socket
closesocket
gethostbyname
send
connect
WSACleanup
htons
inet_addr
WSAStartup
__WSAFDIsSet
select
ioctlsocket
getpeername
recvfrom
sendto
WSAGetLastError
getaddrinfo
freeaddrinfo
inet_ntoa

winmm

timeGetTime

Sections

.text
Size: 354KB - Virtual size: 353KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

76506ee3413225d254fb2c46479e269b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

winmm

Sections

.text Size: 354KB - Virtual size: 353KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 8KB - Virtual size: 113KB

.rsrc Size: 512B - Virtual size: 480B

.text
Size: 354KB - Virtual size: 353KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 8KB - Virtual size: 113KB

.rsrc
Size: 512B - Virtual size: 480B