386db46194478386653ee4764850c008b03ad797f4126cf092b626d377d86ce9

Sharing

Copy URL Twitter E-mail

General

Target

386db46194478386653ee4764850c008b03ad797f4126cf092b626d377d86ce9
Size

256KB
MD5

814a3f2eafa37f8b0fa31a0ae2f4e970
SHA1

af06830a116a0ce5667de08a34176d8f7c35e20e
SHA256

386db46194478386653ee4764850c008b03ad797f4126cf092b626d377d86ce9
SHA512

d02d44424681caf9999bd94611c54b771f1c32242a15383c6ec2749de73013a15c229dca838d63385c742eca39776c0f55be00a5afd1d2b476a845b331783dac
SSDEEP

3072:UrOQek9HR7/v+6gdOpcZNbxPrU28mCND/xqFIIXoCXVE92Hzo/:iOQekT9fmZJxDU1OTAMzo/

Score

N/A

Malware Config

Signatures

Files

386db46194478386653ee4764850c008b03ad797f4126cf092b626d377d86ce9
.exe windows x86

cfd8acf4a68bb34b810854437fca07a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExW
GetTickCount
FreeLibrary
GetCurrentThread
GetModuleHandleA
GetTimeZoneInformation
SetEndOfFile
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GetLastError
GetLocalTime
GetSystemDirectoryW
GetSystemTime
GetComputerNameW
GetPrivateProfileIntW
GetTempPathW
GetCurrentDirectoryW
CompareFileTime
GetFileTime
SetEnvironmentVariableW
ExpandEnvironmentStringsW
ExitProcess
WritePrivateProfileStringW
GetPrivateProfileStringW
GetCurrentProcess
HeapAlloc
HeapFree
GetVersion
GetFileAttributesW
MoveFileExW
GetWindowsDirectoryW
GetShortPathNameW
MoveFileW
GetPrivateProfileSectionW
WritePrivateProfileSectionW
CopyFileW
CreateDirectoryW
LoadLibraryW
GetTempFileNameW
CreateMutexW
RemoveDirectoryW
ReadFile
SetFilePointer
SetFileAttributesW
Sleep
ExpandEnvironmentStringsA
MultiByteToWideChar
WideCharToMultiByte
FindFirstFileW
FindNextFileW
FindClose
GetFileSize
DeleteFileW
CreateFileW
CloseHandle
ReleaseMutex
WaitForSingleObject
WriteFile
HeapReAlloc
RaiseException
GetStringTypeW
GetStringTypeA
GetStdHandle
SetHandleCount
TerminateProcess
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
SetEnvironmentVariableA
CompareStringW
CompareStringA
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
CreateFileA
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetEnvironmentVariableA
UnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
RtlUnwind
GetFileType
GetModuleFileNameA
GetCommandLineA
GetStartupInfoA

user32

LoadStringW
MessageBoxA
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
ExitWindowsEx
MessageBoxW
LoadStringA

gdi32

DeleteDC
CreateICW
GetDeviceCaps

advapi32

RegOpenKeyExW
RegCreateKeyExW
FreeSid
OpenThreadToken
OpenProcessToken
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
RegSetValueExW
EqualSid
AllocateAndInitializeSid
GetTokenInformation
AdjustTokenPrivileges
LookupPrivilegeValueW
RegCloseKey
RegOpenKeyW
RegQueryValueExW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

wsock32

gethostbyname
closesocket
htons
setsockopt
WSAStartup
ioctlsocket
socket
WSAGetLastError
WSASetLastError
inet_ntoa
connect
select
__WSAFDIsSet
WSACleanup
recv
send

Sections

.text
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cfd8acf4a68bb34b810854437fca07a2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

version

wsock32

Sections

.text Size: 148KB - Virtual size: 147KB

.rdata Size: 48KB - Virtual size: 46KB

.data Size: 32KB - Virtual size: 44KB

.rsrc Size: 24KB - Virtual size: 43KB

.text
Size: 148KB - Virtual size: 147KB

.rdata
Size: 48KB - Virtual size: 46KB

.data
Size: 32KB - Virtual size: 44KB

.rsrc
Size: 24KB - Virtual size: 43KB