1e4bb5d3316c8c45f03b7b93fee7ba0955c7cfe55e2f4e830f9cfe61e3a0fa71

Sharing

Copy URL Twitter E-mail

General

Target

1e4bb5d3316c8c45f03b7b93fee7ba0955c7cfe55e2f4e830f9cfe61e3a0fa71
Size

108KB
MD5

a06dec9e0755fab6bc3846fe99d1d420
SHA1

8e3eeb3c083d392a488484e0796e2fa1fd852cf9
SHA256

1e4bb5d3316c8c45f03b7b93fee7ba0955c7cfe55e2f4e830f9cfe61e3a0fa71
SHA512

7a6e3afd2343f7403cd570c6c47792784becdfceab4b55da07c470639aaa6fc36ca914d5be5136079d0ee5eec3f83777e72d9737f78363b6745d421f2e8e63f2
SSDEEP

1536:t4KToSdwdJpahP2Wkb0l8PsvBWFnFLIjKNAX//DsQ8c7enqoyFVHAvrZhqCzCtK0:5nHkIl8PWmLnKDsQ8c7engAqCz82

Score

N/A

Malware Config

Signatures

Files

1e4bb5d3316c8c45f03b7b93fee7ba0955c7cfe55e2f4e830f9cfe61e3a0fa71
.exe windows x86

d72702ae2f1699938fe3fedded46cad0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcr110

_strdup
_strnicmp
_controlfp_s
_invoke_watson
__crtSetUnhandledExceptionFilter
?terminate@@YAXXZ
_except_handler4_common
_getpid
_commode
_fmode
__initenv
_initterm
_initterm_e
__setusermatherr
_configthreadlocale
_cexit
_exit
__set_app_type
__getmainargs
_amsg_exit
_XcptFilter
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
realloc
strrchr
memmove
wcsncmp
_close
modf
isdigit
islower
isalpha
_errno
memchr
memset
_wenviron
_environ
free
strerror
memcpy
_libm_sse2_sqrt_precise
signal
printf
fprintf
fopen
fflush
fclose
__iob_func
perror
malloc
calloc
qsort
atoi
exit
strstr
strncpy
strncmp
strchr
isspace

wsock32

ioctlsocket
setsockopt
inet_ntoa
htons
recv
WSAGetLastError
socket
shutdown
select
listen
getsockopt
connect
closesocket
bind
accept
__WSAFDIsSet
send
ntohl
WSACleanup
WSAStartup
getsockname

ws2_32

freeaddrinfo
getaddrinfo
WSASend
WSARecv

kernel32

GetExitCodeProcess
DeleteCriticalSection
LoadLibraryA
GetProcAddress
GetVersionExA
GetCurrentThreadId
GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WriteFile
TerminateProcess
CreateEventA
SetHandleInformation
LocalFree
GetFileType
WaitForSingleObject
DeviceIoControl
GetOverlappedResult
GetLastError
CloseHandle
SetFilePointer
GetFileInformationByHandle
CreateFileW
SetStdHandle
GetTimeZoneInformation
SystemTimeToFileTime
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetSystemTimeAsFileTime
Sleep
SetLastError
GlobalFree
TlsFree
TlsAlloc
GetCommandLineW
FreeEnvironmentStringsW
GetEnvironmentStringsW
FormatMessageA
ReadFile
PeekNamedPipe
SetEvent
ReleaseMutex
CancelIo
QueryPerformanceCounter
DecodePointer
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent

advapi32

FreeSid
GetEffectiveRightsFromAclW
GetNamedSecurityInfoA
GetNamedSecurityInfoW
GetSecurityInfo
AllocateAndInitializeSid

shell32

CommandLineToArgvW

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d72702ae2f1699938fe3fedded46cad0

Headers

DLL Characteristics

File Characteristics

Imports

msvcr110

wsock32

ws2_32

kernel32

advapi32

shell32

Sections

.text Size: 54KB - Virtual size: 54KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 512B - Virtual size: 21KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 32KB - Virtual size: 33KB

.text
Size: 54KB - Virtual size: 54KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 512B - Virtual size: 21KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 32KB - Virtual size: 33KB