c80bfbececa3eddc75ef40653ddd8478d7d21d98a051250bfa0d4ce2c0819ccb

General

Target

c80bfbececa3eddc75ef40653ddd8478d7d21d98a051250bfa0d4ce2c0819ccb
Size

156KB
MD5

804856f66b5c267787afcb43d84dbd48
SHA1

d96f087ebcb7a84d79c555057730d5e591babfd6
SHA256

c80bfbececa3eddc75ef40653ddd8478d7d21d98a051250bfa0d4ce2c0819ccb
SHA512

855e0b47dbffe7091fd7c90b8800d68a7e789c82bfcf69201c4306c95f262975aca9be93f532b9ed65f4a56dd04ee917471b7a46752d6446611f0a3dc1c27695
SSDEEP

3072:TAWpVgRXXIDuYt4/JBOAWknfdTz8KQ2OvRq7YZYk9a42vBn6GKcCt:MWU1XU2OglTr1OvReYZYvPvYGK

Score

N/A

Malware Config

Signatures

Files

c80bfbececa3eddc75ef40653ddd8478d7d21d98a051250bfa0d4ce2c0819ccb
.exe windows x86

27d5df15beb48a7a236aba87d669f581

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
LocalAlloc
ExitProcess
HeapAlloc
HeapFree
GetProcessHeap
Sleep
GetVersion
GetCommandLineA
GetModuleHandleA
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetLastError
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
GetStringTypeW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
TerminateProcess
GetCurrentProcess

user32

GetKeyNameTextW
OffsetRect
SendDlgItemMessageW
EndDialog
CheckRadioButton
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
DestroyWindow
IsWindow
CallWindowProcW
EnableWindow
GetDlgItem
SetWindowLongW
GetScrollPos
EndPaint
GetWindow
GetParent
MapVirtualKeyA
GetWindowThreadProcessId
DefWindowProcA
DispatchMessageA
CreateDialogIndirectParamA
DialogBoxIndirectParamA
ValidateRect
InvalidateRect
BeginPaint
PostMessageW
GetDesktopWindow
LoadImageA

ws2_32

gethostbyaddr
connect
closesocket
bind
accept
WSACleanup
socket
WSAStartup
send

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 3KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27d5df15beb48a7a236aba87d669f581

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 105KB - Virtual size: 104KB

.xdata Size: 3KB - Virtual size: 1.1MB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 105KB - Virtual size: 104KB

.xdata
Size: 3KB - Virtual size: 1.1MB

.reloc
Size: 2KB - Virtual size: 2KB