48834dfe8b1c2b5d55433ae12dcb3b6e56bee8578a5fc770a64fd4170cd36c8a

General

Target

48834dfe8b1c2b5d55433ae12dcb3b6e56bee8578a5fc770a64fd4170cd36c8a
Size

335KB
MD5

8118d8d9d2ae3c9e727bcd3dd2377b95
SHA1

a315c6754bddb8c129c06250dca49aaee7114a63
SHA256

48834dfe8b1c2b5d55433ae12dcb3b6e56bee8578a5fc770a64fd4170cd36c8a
SHA512

1f27fde3784312be9f40d0d123a7c33f364b5515c13def120691f6d7f94b588718d40c03f3d52f6d80327bc2d32c40974e56cfd85d1fd32ff98ea7eeea83f292
SSDEEP

6144:PlDTSNsJsYtP0XVDP2j7h+dXM2DAv65gy0xBEXnXjR6k356Yr7QB:PhoitQVrTXoNx0T35tAB

Score

N/A

Malware Config

Signatures

Files

48834dfe8b1c2b5d55433ae12dcb3b6e56bee8578a5fc770a64fd4170cd36c8a
.exe windows x86

ff7f8b425fa6f88215f03f49da64608b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteObject
GetDeviceCaps
CreateCompatibleBitmap
GetBitmapBits
BitBlt
CreateDCA
GetObjectA
SelectObject
CreateCompatibleDC
DeleteDC

kernel32

GetCurrentThreadId
GetFileType
CloseHandle
FreeLibrary
FlushConsoleInputBuffer
GetThreadTimes
GlobalMemoryStatus
SetLastError
GetStdHandle
CreateMutexA
VirtualAlloc

user32

MessageBoxIndirectA

wsock32

recv
htonl
socket
ntohs
WSACancelBlockingCall
closesocket
gethostbyname
WSAGetLastError
bind
inet_ntoa
ntohl
WSACleanup
getsockopt
connect
htons
accept
WSASetLastError
WSAStartup
getservbyname
listen
send
shutdown
setsockopt

esent

JetCreateIndex
JetDupCursor
JetBeginExternalBackupInstance
JetCloseDatabase
JetOpenTempTable
JetReadFileInstance
JetGotoPosition
JetInit2
JetBeginTransaction2
JetDetachDatabase2
JetDefragment2
JetRegisterCallback
JetRetrieveKey
JetUpdate
JetGetDatabaseInfo
JetCreateInstance
JetGetLogInfoInstance
JetStopBackupInstance
JetGetDatabaseFileInfo
JetCloseFileInstance

rasadhlp

WSAttemptAutodialAddr

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 308KB - Virtual size: 950KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff7f8b425fa6f88215f03f49da64608b

Headers

File Characteristics

Imports

gdi32

kernel32

user32

wsock32

esent

rasadhlp

Sections

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 308KB - Virtual size: 950KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 308KB - Virtual size: 950KB

.rsrc
Size: 5KB - Virtual size: 5KB