0a874c1056e20a020b9893cf312c59def89cb45c3a594fd7d497b443dae23717

Sharing

Copy URL Twitter E-mail

General

Target

0a874c1056e20a020b9893cf312c59def89cb45c3a594fd7d497b443dae23717
Size

212KB
MD5

70905f7fc3d834ec24429b683edc2a22
SHA1

d0b274dcb2b116a0cee3ca516de176078cdf0d52
SHA256

0a874c1056e20a020b9893cf312c59def89cb45c3a594fd7d497b443dae23717
SHA512

b5aac5d4220852d75ef240ad8bd5c99b4dfab7c03bf2d6d3a42608f486e17a2035e6bceb3caea394c8b0f531f1d62a98233595b09461d7d304f35b23fd1aab64
SSDEEP

6144:s2GiWgboJfqE0e/8XUZiaR9re8l9+/BHUzVSdG:suyV0e0XUZtLM5HUzd

Score

N/A

Malware Config

Signatures

Files

0a874c1056e20a020b9893cf312c59def89cb45c3a594fd7d497b443dae23717
.exe windows x86

d49ea5a582015b08a74b1ff0475064b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetCurrentProcess
IsBadReadPtr
GetEnvironmentStringsW
GetPrivateProfileStringW
lstrcmpW
ReleaseSemaphore
GetQueuedCompletionStatus
SetEvent
GetFullPathNameW
SetEndOfFile
CloseHandle
InterlockedExchange
IsBadWritePtr
HeapFree
GetProcessHeap
MultiByteToWideChar
lstrcmpiW
WaitForMultipleObjects
ResetEvent
GetDiskFreeSpaceW
GetACP
GetCurrentProcessId
GetFileSize
lstrlenW
HeapAlloc
GlobalFree
GetModuleFileNameA
GetVersionExW
lstrcpyW
GlobalAlloc
DeleteCriticalSection
InitializeCriticalSection
GetCurrentThread
GetSystemTimeAsFileTime
GetProfileIntA
GetSystemInfo
SetFilePointer
GetThreadPriority
QueryPerformanceCounter
GetFileAttributesW
GetLastError
FreeLibrary
GlobalHandle
CreateEventW
InterlockedDecrement
ReadFile
WaitForSingleObject
SetUnhandledExceptionFilter
VirtualFree
CreateFileW
LeaveCriticalSection
MulDiv
CreateSemaphoreW
lstrcpynW
WideCharToMultiByte
CreateThread
EnterCriticalSection
GlobalLock
WriteFile
lstrcpyA
LoadLibraryW
GlobalMemoryStatus
InterlockedIncrement
IsBadCodePtr
GetTickCount
GlobalUnlock
SetThreadPriority

user32

SetCursor
SendMessageW
LoadStringW
GetDlgItem
DestroyWindow
GetDesktopWindow
LoadCursorW
MoveWindow
SetDlgItemInt
GetAsyncKeyState
GetDC
TranslateMessage
IsRectEmpty
CheckRadioButton
ShowWindow
SetWindowLongW
IsWindow
CheckDlgButton
GetClientRect
GetWindowLongW
EnableWindow
DispatchMessageW
InvalidateRect
GetDlgItemInt
GetWindowRect
DefWindowProcW
IsWindowVisible
ClientToScreen
SetDlgItemTextW
PeekMessageW
ReleaseDC
CreateDialogParamW

netshell

StartNCW
NcIsValidConnectionName
DllGetClassObject

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d49ea5a582015b08a74b1ff0475064b1

Headers

File Characteristics

Imports

kernel32

user32

netshell

Sections

.text Size: 83KB - Virtual size: 83KB

.rdata Size: 80KB - Virtual size: 79KB

.data Size: 43KB - Virtual size: 6.1MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 83KB - Virtual size: 83KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 43KB - Virtual size: 6.1MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB