2ed66d7b366c5338a2b15643ac5c0a4e549f74cfcca5b3aacb31545147e4e01c

Sharing

Copy URL Twitter E-mail

General

Target

2ed66d7b366c5338a2b15643ac5c0a4e549f74cfcca5b3aacb31545147e4e01c
Size

81KB
MD5

786416b6233b3c46526fdcf69ab02402
SHA1

9e40ab54d1fa8315738db1728ca0aa3dff4682a0
SHA256

2ed66d7b366c5338a2b15643ac5c0a4e549f74cfcca5b3aacb31545147e4e01c
SHA512

deafc5c930cc3b9d280c7bc992505ef17f4f38b51dfd0b2d4e331bd9ee266c24119367041fcad8994724e419554c47acbce616399f6133badb642d4cb00052e4
SSDEEP

1536:C4Ca7gM6/IFfLHZ8824hIYtPVkZAT5vXJoB:C4Ca7s/efL1HPkZAT5vXJoB

Score

N/A

Malware Config

Signatures

Files

2ed66d7b366c5338a2b15643ac5c0a4e549f74cfcca5b3aacb31545147e4e01c
.exe windows x86

a5ec2a9ab9f9e020c4eae67aaa6cf4ec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

inet_addr
send
WSAResetEvent
WSAGetOverlappedResult
WSAWaitForMultipleEvents
WSACloseEvent
WSARecv
WSACreateEvent
inet_ntoa
WSACleanup
closesocket
ntohs
shutdown
connect
htons
WSAGetLastError
WSASocketW
WSAStartup

iphlpapi

GetAdaptersInfo
GetAdaptersAddresses
NotifyAddrChange

psapi

GetProcessMemoryInfo

dbghelp

MiniDumpWriteDump

kernel32

WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
CreateThread
CloseHandle
SetEvent
WaitForSingleObject
ResetEvent
CreateEventW
InitializeCriticalSection
GetExitCodeThread
DeleteCriticalSection
Sleep
LCMapStringA
GetLocalTime
GetModuleFileNameA
CreateFileA
WriteFile
CreateProcessW
GetLastError
EnterCriticalSection
CreateNamedPipeW
ConnectNamedPipe
DisconnectNamedPipe
LeaveCriticalSection
TerminateProcess
FlushFileBuffers
CreatePipe
SetHandleInformation
ReadFile
GetCurrentThreadId
GetCurrentProcessId
lstrcmpiW
SetUnhandledExceptionFilter
GetModuleFileNameW
GetTickCount
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
GetCurrentProcess
GetStartupInfoW
UnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
GetModuleHandleW
GetProcAddress
ExitProcess
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
RtlUnwind

advapi32

CloseServiceHandle
StartServiceW
DeleteService
ControlService
QueryServiceStatusEx
OpenServiceW
ChangeServiceConfig2W
CreateServiceW
OpenSCManagerW
SetServiceStatus
RegisterServiceCtrlHandlerExW
StartServiceCtrlDispatcherW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5ec2a9ab9f9e020c4eae67aaa6cf4ec

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

iphlpapi

psapi

dbghelp

kernel32

advapi32

Sections

.text Size: 50KB - Virtual size: 49KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 50KB - Virtual size: 49KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 7KB - Virtual size: 7KB