cc792ee0548752f3bbd5913789827e1076f02370385d956f107e5221fdcaafdf

Sharing

Copy URL

Twitter E-mail

General

Target

cc792ee0548752f3bbd5913789827e1076f02370385d956f107e5221fdcaafdf
Size

212KB
MD5

9636c1c098d2aa7c73df065ee127aacf
SHA1

5de2c3f9315e6eac39a7315a91191c69a2993afc
SHA256

cc792ee0548752f3bbd5913789827e1076f02370385d956f107e5221fdcaafdf
SHA512

f76c6a38bdf61887b5a6a9925de26fab46814aa39f3cc8be08a0920766c1f06d1442379489e360a66ffed486779b929a3cf5060ac12ede5dd64d572a6ccdf68c
SSDEEP

6144:5Vdf/dN3C91JP4VkKn+mQV1BrP5ewK8XcpDdj/k/3VG:3Fr3C91JAVB+mCFW8Mpp/k/3VG

Score

N/A

Malware Config

Signatures

Files

cc792ee0548752f3bbd5913789827e1076f02370385d956f107e5221fdcaafdf
.exe windows x86

50e71e1f7a5f2e704d956f63cf1d1662

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseSemaphore
lstrcpyW
lstrcpyA
DeleteCriticalSection
IsBadCodePtr
GlobalAlloc
GlobalHandle
GetFileSize
HeapAlloc
FreeLibrary
SetFilePointer
GetCurrentProcess
InterlockedExchange
WriteFile
GetFileAttributesW
CreateThread
SetThreadPriority
WaitForSingleObject
GetProfileIntA
GetStartupInfoA
lstrcmpiW
CreateFileW
HeapFree
GetThreadPriority
lstrlenA
GetVersionExW
lstrcmpW
IsBadReadPtr
VirtualFree
GetSystemDefaultLangID
MulDiv
GetDiskFreeSpaceW
InitializeCriticalSection
MultiByteToWideChar
GetCurrentProcessId
GetLastError
GetQueuedCompletionStatus
GlobalMemoryStatus
lstrcpynW
GetProcessHeap
LeaveCriticalSection
ResetEvent
GlobalLock
SetEndOfFile
SetEvent
GetPrivateProfileStringW
GetProcAddress
ReadFile
IsBadWritePtr
CloseHandle
GetCurrentThread
GlobalUnlock
GetSystemTimeAsFileTime
CreateEventW
lstrlenW
EnterCriticalSection
WaitForMultipleObjects
GlobalFree
SetUnhandledExceptionFilter
InterlockedIncrement
OutputDebugStringW
LoadLibraryW
WideCharToMultiByte
GetEnvironmentStringsW
GetTickCount
QueryPerformanceCounter
GetModuleFileNameA
CreateSemaphoreW
InterlockedDecrement
GetFullPathNameW

user32

LoadCursorW
DispatchMessageW
PeekMessageW
ShowWindow
GetDC
GetAsyncKeyState
TranslateMessage
MoveWindow
IsWindowVisible
SetWindowLongW
DestroyWindow
SetCursor
EnableWindow
CheckRadioButton
IsRectEmpty
GetDlgItem
IsWindow
DefWindowProcW
GetDlgItemInt
SendMessageW
CreateDialogParamW
InvalidateRect
GetDesktopWindow
GetWindowLongW
ReleaseDC
GetClientRect
GetWindowRect
SetDlgItemInt
CheckDlgButton
LoadStringW
ClientToScreen
SetDlgItemTextW

netshell

DllGetClassObject
StartNCW
NcIsValidConnectionName

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50e71e1f7a5f2e704d956f63cf1d1662

Headers

File Characteristics

Imports

kernel32

user32

netshell

Sections

.text Size: 86KB - Virtual size: 86KB

.rdata Size: 85KB - Virtual size: 85KB

.data Size: 35KB - Virtual size: 6.1MB

.rsrc Size: 1024B - Virtual size: 984B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 86KB - Virtual size: 86KB

.rdata
Size: 85KB - Virtual size: 85KB

.data
Size: 35KB - Virtual size: 6.1MB

.rsrc
Size: 1024B - Virtual size: 984B

.reloc
Size: 2KB - Virtual size: 1KB