4717ee0e3aeb1b4cb4bb323f6c3678572f5f150e5e1b650205f96561c99d608f

Sharing

Copy URL Twitter E-mail

General

Target

4717ee0e3aeb1b4cb4bb323f6c3678572f5f150e5e1b650205f96561c99d608f
Size

190KB
MD5

90db9046b90aa01cb298bd140dc608c3
SHA1

00db515b7a78bb1beaaa26b5d0a56e090c4e0fe9
SHA256

4717ee0e3aeb1b4cb4bb323f6c3678572f5f150e5e1b650205f96561c99d608f
SHA512

20e1eae7a2f6f6722e37ab24a7e9c45c799eed19c4aba1c7035a9ba7a716dcf824e70535677154b981bab34342f6e2a174eacb817ec3a728815a426886bf128b
SSDEEP

3072:MO0kvvzkHxJ8lJyreZnhSDWE36KO2POOeVuVGJ9ARX5RSFIkgadJ+qiftl6JEXOR:Zvzk8l4reSSEKgPOO2fARjaI7ab+q8F+

Score

N/A

Malware Config

Signatures

Files

4717ee0e3aeb1b4cb4bb323f6c3678572f5f150e5e1b650205f96561c99d608f
.exe windows x86

860840f92c192e9b8448d1b8931873c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iocptcp

TcpInit
TcpListen
TcpCreate
TcpDestroy
TcpGetLinkAddr
TcpUninit
TcpSend

kernel32

GlobalFlags
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetFullPathNameA
CreateFileA
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
GetSystemTimeAsFileTime
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetCurrentProcessId
LCMapStringA
LCMapStringW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
SetUnhandledExceptionFilter
GetDriveTypeA
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcmpW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
GetProcAddress
lstrcpyA
lstrcatA
lstrcmpA
RaiseException
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
CreateThread
TerminateThread
GetTickCount
GetLocalTime
GetCurrentThreadId
OutputDebugStringA
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetPrivateProfileStringA
FindFirstFileA
DeleteFileA
FindNextFileA
FindClose
OpenProcess
GetTimeZoneInformation
GetModuleFileNameA
CreatePipe
WriteFile
PeekNamedPipe
ReadFile
SetConsoleCtrlHandler
Sleep
SetEvent
GetCurrentProcess
GetCommandLineA
GetModuleHandleA
InterlockedIncrement
TerminateProcess
CloseHandle
OpenEventA
CreateProcessA
CreateEventA
WaitForSingleObject
CreateDirectoryA
CompareStringW
CompareStringA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrlenA
lstrcmpiA
GetVersion
FindResourceA
LoadResource
LockResource
SizeofResource
GetLastError
InterlockedDecrement
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
ExitProcess

user32

GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
GetKeyState
SetForegroundWindow
GetClientRect
GetMenu
PostMessageA
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
GetWindow
CallNextHookEx
RemovePropA
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetWindowTextA
SendMessageA
MessageBoxA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
GetPropA
GetClassLongA
SetWindowsHookExA
CreateWindowExA
SetPropA
GetClassNameA
GetClassInfoExA
UnhookWindowsHookEx
LoadCursorA
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnregisterClassA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PeekMessageA
DispatchMessageA
GetMessageA
TranslateMessage
wsprintfA
GetForegroundWindow
GetFocus
GetCapture
PostQuitMessage
DestroyMenu
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowTextA
ValidateRect
RegisterWindowMessageA
WinHelpA

gdi32

DeleteObject
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreateBitmap
GetStockObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

SetServiceStatus
OpenServiceA
ControlService
QueryServiceStatus
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA

comctl32

ord17

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantChangeType
VariantClear
VariantInit

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

ws2_32

ntohs
htonl
ntohl
htons

Sections

.text
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

860840f92c192e9b8448d1b8931873c9

Headers

File Characteristics

Imports

iocptcp

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

shlwapi

oleaut32

psapi

version

ws2_32

Sections

.text Size: 136KB - Virtual size: 132KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 8KB - Virtual size: 25KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 136KB - Virtual size: 132KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 8KB - Virtual size: 25KB

.rsrc
Size: 10KB - Virtual size: 10KB