4fbb3e19abeef83cacced69ae8521cd114795efcddf665a4f636a073635ad3b6

Sharing

Copy URL Twitter E-mail

General

Target

4fbb3e19abeef83cacced69ae8521cd114795efcddf665a4f636a073635ad3b6
Size

873KB
MD5

810c7d332e2b29328b2530ebf135b8d9
SHA1

86e794fe8bd88048ee4ab5ea10d14ec630bc9bae
SHA256

4fbb3e19abeef83cacced69ae8521cd114795efcddf665a4f636a073635ad3b6
SHA512

e0ecdc6360b8b8812ec759a231ea0f3033e31bcc9bbc0a0b9f06e3632a1c0be08f767b78cbf4f7b31b1b1a7ece5ba30d2dabbff64f06fd1aa5fa78dc51687c71
SSDEEP

12288:vTx4xxXBo4gn6nuUHn0k2BZ5QiJ0ak+HXblpcpSSYMy+FcM1gA:vTqS4gUPHn0k235QFak+rYpSZqFNWA

Score

N/A

Malware Config

Signatures

Files

4fbb3e19abeef83cacced69ae8521cd114795efcddf665a4f636a073635ad3b6
.exe windows x86

639d39016fc67debefade56739e52246

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

htons
connect
ioctlsocket
htonl
socket
gethostbyname
shutdown
WSASetLastError
ntohs
ntohl
select
recv
send
getsockopt
setsockopt
closesocket
WSACleanup
WSAStartup
WSAGetLastError

kernel32

LeaveCriticalSection
CloseHandle
GetLastError
GetCurrentThreadId
GetTickCount
GetCurrentProcessId
OpenProcess
InterlockedIncrement
InterlockedDecrement
WaitForSingleObject
SetEvent
SetConsoleCtrlHandler
CreateEventA
WaitForMultipleObjects
FormatMessageA
GetSystemTimeAsFileTime
FileTimeToSystemTime
SetLastError
FileTimeToLocalFileTime
GetTimeZoneInformation
GetLocalTime
GetVersion
WideCharToMultiByte
MultiByteToWideChar
ReleaseMutex
UnmapViewOfFile
OpenEventA
OpenMutexA
MapViewOfFile
OpenFileMappingA
WriteFile
SetFilePointer
CreateFileW
CreateFileA
GetProcessAffinityMask
GetCurrentProcess
FreeLibrary
GetProcAddress
LoadLibraryA
ResetEvent
ReadFile
GetOverlappedResult
Sleep
GetModuleFileNameA
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FindFirstFileA
FindClose
ReadConsoleInputA
SetConsoleMode
GetDriveTypeA
GetFileType
GetStdHandle
QueryPerformanceCounter
GlobalMemoryStatus
FlushConsoleInputBuffer
RtlUnwind
HeapAlloc
RaiseException
HeapFree
GetModuleHandleA
ExitProcess
HeapReAlloc
MoveFileA
DeleteFileA
HeapDestroy
HeapCreate
VirtualFree
ExitThread
CreateThread
GetCommandLineA
GetProcessHeap
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
TerminateProcess
IsDebuggerPresent
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
FlushFileBuffers
SetStdHandle
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
GetFullPathNameA
GetCurrentDirectoryA
GetVersionExA

advapi32

DeregisterEventSource
RegisterEventSourceA
ReportEventA

user32

GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxA

Sections

.text
Size: 532KB - Virtual size: 531KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 68KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

639d39016fc67debefade56739e52246

Headers

File Characteristics

Imports

wsock32

kernel32

advapi32

user32

Sections

.text Size: 532KB - Virtual size: 531KB

.rdata Size: 160KB - Virtual size: 159KB

.data Size: 68KB - Virtual size: 82KB

.rsrc Size: 104KB - Virtual size: 104KB

.text
Size: 532KB - Virtual size: 531KB

.rdata
Size: 160KB - Virtual size: 159KB

.data
Size: 68KB - Virtual size: 82KB

.rsrc
Size: 104KB - Virtual size: 104KB