f7242a3cec4392befad8f4e5f1cb0482a18f7da63827d391be38bb43fd583896

Sharing

Copy URL Twitter E-mail

General

Target

f7242a3cec4392befad8f4e5f1cb0482a18f7da63827d391be38bb43fd583896
Size

212KB
MD5

80a9d19f142486845c986cac89463fa0
SHA1

482e354bd77cc794c88a2d65c1b63a668dee1889
SHA256

f7242a3cec4392befad8f4e5f1cb0482a18f7da63827d391be38bb43fd583896
SHA512

40c1e0bb03ae1daffcc3e575dadc612f6775905d5679503bcff9ef7bd27a1f5f6138229c229d31fe5546d719ea6719740d0afc8e96db137ad1c779b94ad83fdb
SSDEEP

6144:s2GiWgboJfqE0e/8XUZiaR9re8l9+/BHUzVSd9:suyV0e0XUZtLM5HUzG

Score

N/A

Malware Config

Signatures

Files

f7242a3cec4392befad8f4e5f1cb0482a18f7da63827d391be38bb43fd583896
.exe windows x86

d49ea5a582015b08a74b1ff0475064b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetCurrentProcess
IsBadReadPtr
GetEnvironmentStringsW
GetPrivateProfileStringW
lstrcmpW
ReleaseSemaphore
GetQueuedCompletionStatus
SetEvent
GetFullPathNameW
SetEndOfFile
CloseHandle
InterlockedExchange
IsBadWritePtr
HeapFree
GetProcessHeap
MultiByteToWideChar
lstrcmpiW
WaitForMultipleObjects
ResetEvent
GetDiskFreeSpaceW
GetACP
GetCurrentProcessId
GetFileSize
lstrlenW
HeapAlloc
GlobalFree
GetModuleFileNameA
GetVersionExW
lstrcpyW
GlobalAlloc
DeleteCriticalSection
InitializeCriticalSection
GetCurrentThread
GetSystemTimeAsFileTime
GetProfileIntA
GetSystemInfo
SetFilePointer
GetThreadPriority
QueryPerformanceCounter
GetFileAttributesW
GetLastError
FreeLibrary
GlobalHandle
CreateEventW
InterlockedDecrement
ReadFile
WaitForSingleObject
SetUnhandledExceptionFilter
VirtualFree
CreateFileW
LeaveCriticalSection
MulDiv
CreateSemaphoreW
lstrcpynW
WideCharToMultiByte
CreateThread
EnterCriticalSection
GlobalLock
WriteFile
lstrcpyA
LoadLibraryW
GlobalMemoryStatus
InterlockedIncrement
IsBadCodePtr
GetTickCount
GlobalUnlock
SetThreadPriority

user32

SetCursor
SendMessageW
LoadStringW
GetDlgItem
DestroyWindow
GetDesktopWindow
LoadCursorW
MoveWindow
SetDlgItemInt
GetAsyncKeyState
GetDC
TranslateMessage
IsRectEmpty
CheckRadioButton
ShowWindow
SetWindowLongW
IsWindow
CheckDlgButton
GetClientRect
GetWindowLongW
EnableWindow
DispatchMessageW
InvalidateRect
GetDlgItemInt
GetWindowRect
DefWindowProcW
IsWindowVisible
ClientToScreen
SetDlgItemTextW
PeekMessageW
ReleaseDC
CreateDialogParamW

netshell

StartNCW
NcIsValidConnectionName
DllGetClassObject

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d49ea5a582015b08a74b1ff0475064b1

Headers

File Characteristics

Imports

kernel32

user32

netshell

Sections

.text Size: 83KB - Virtual size: 83KB

.rdata Size: 80KB - Virtual size: 79KB

.data Size: 43KB - Virtual size: 6.1MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 83KB - Virtual size: 83KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 43KB - Virtual size: 6.1MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB