25814800b2b6f834e15123c56b2562e3d35838e749cb9c512e2a41282d110b1c

Sharing

Copy URL

Twitter E-mail

General

Target

25814800b2b6f834e15123c56b2562e3d35838e749cb9c512e2a41282d110b1c
Size

328KB
MD5

9631caa7238f4ec0b266608908544820
SHA1

83d6b8c29cefef87f216186f75dd608914b84be3
SHA256

25814800b2b6f834e15123c56b2562e3d35838e749cb9c512e2a41282d110b1c
SHA512

cd06f8c4821588d88246278df70b9e40eef58f7a209ba0c2ac7d7f30d5f387b09daf30435567d62f60df3a10deef59f40a3bed1b5fb8ec7f2d400b843ced09ff
SSDEEP

6144:TwcOHrxfHwUeeGrD2k++m4vUzbRsAOpUAOk8i210WZ:T3ixfHwoGv2k3tszbRsvUGf2KWZ

Score

N/A

Malware Config

Signatures

Files

25814800b2b6f834e15123c56b2562e3d35838e749cb9c512e2a41282d110b1c
.exe windows x86

06a2ec2ba9175e6b554149db08c7aba5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

send
gethostbyname
closesocket
WSASetLastError
__WSAFDIsSet
socket
ioctlsocket
gethostname
connect
WSAStartup
recvfrom
select
WSAGetLastError
htons
getsockname
setsockopt
sendto
recv

pdh

PdhMakeCounterPathA
PdhCloseQuery
PdhOpenQueryA
PdhAddCounterA
PdhCollectQueryData
PdhLookupPerfNameByIndexA
PdhGetFormattedCounterValue

kernel32

OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
GetModuleFileNameA
LoadLibraryExW
GetCPInfo
GetOEMCP
CreateFileA
WaitForSingleObject
FormatMessageA
GetWindowsDirectoryA
GetDriveTypeA
Sleep
GetFileAttributesA
CreateProcessA
ReadFile
CreateDirectoryA
GetFileSizeEx
LoadLibraryW
GetLogicalDriveStringsA
GetLastError
FindClose
GlobalMemoryStatusEx
FindNextFileA
CreateMutexA
ReleaseMutex
GetDiskFreeSpaceExA
CloseHandle
GetTempPathA
LocalFree
CreateThread
QueryPerformanceCounter
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
QueryPerformanceFrequency
DeleteCriticalSection
GetACP
IsValidCodePage
SetStdHandle
WriteConsoleW
GetStringTypeW
HeapSize
CompareStringW
LCMapStringW
CreateFileW
SetEndOfFile
GetExitCodeProcess
SetEnvironmentVariableA
GetFileAttributesExW
RaiseException
DeleteFileW
FindFirstFileA
GetTimeZoneInformation
SetFilePointerEx
HeapFree
HeapAlloc
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
InterlockedDecrement
ExitProcess
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
MultiByteToWideChar
GetCommandLineA
HeapReAlloc
GetProcessHeap
GetStdHandle
WriteFile
GetModuleFileNameW
GetFileType
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
FlushFileBuffers
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
SetLastError
InterlockedIncrement
GetCurrentThreadId
RtlUnwind
ReadConsoleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetFilePointer

user32

MessageBoxA

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegCloseKey
ControlService
OpenSCManagerA
QueryServiceStatusEx
SetServiceStatus
RegDeleteValueA
RegCreateKeyExA
StartServiceA
CreateServiceA
RegisterServiceCtrlHandlerA
ChangeServiceConfig2A
DeleteService
StartServiceCtrlDispatcherA
CloseServiceHandle
OpenServiceA

shell32

SHGetFolderPathA

Sections

.text
Size: 219KB - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

06a2ec2ba9175e6b554149db08c7aba5

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

pdh

kernel32

user32

advapi32

shell32

Sections

.text Size: 219KB - Virtual size: 219KB

.rdata Size: 68KB - Virtual size: 68KB

.data Size: 18KB - Virtual size: 45KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 16KB - Virtual size: 16KB

.text
Size: 219KB - Virtual size: 219KB

.rdata
Size: 68KB - Virtual size: 68KB

.data
Size: 18KB - Virtual size: 45KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 16KB - Virtual size: 16KB