2dec066971b724ad5ef2bc319a3f4753402d7a56937d307ed0f59dcd83ebe493

Sharing

Copy URL Twitter E-mail

General

Target

2dec066971b724ad5ef2bc319a3f4753402d7a56937d307ed0f59dcd83ebe493
Size

392KB
MD5

5f79fa0cb05647c1f2762c17af3d148b
SHA1

438897823e458555b8865ebeece48870109ff5ff
SHA256

2dec066971b724ad5ef2bc319a3f4753402d7a56937d307ed0f59dcd83ebe493
SHA512

c649290b6f6d1137ba47a3bf2ee7b4bffe922a6bc69bab66856ef3bdefeab720fd4cc3c85e87f1884c9bc244bfb2a7122aa8b674237681f00731a1e9bbefbffa
SSDEEP

6144:8yQTr+bKDxrP5KYE6ySIA32QwQ20/beVyI7J8/DUqQiXV6aeib4yjhJr11:tU+bGrP590SI85TbelJ8UqzJx

Score

N/A

Malware Config

Signatures

Files

2dec066971b724ad5ef2bc319a3f4753402d7a56937d307ed0f59dcd83ebe493
.exe windows x86

aa5e0672ac436692e28d1e13d9e7d98e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSAStartup
WSAGetLastError
inet_ntoa
inet_addr
ioctlsocket
htons
ntohs
recv
bind
socket
closesocket
send
listen
accept

shlwapi

PathIsDirectoryA
PathFindOnPathA

advapi32

DeregisterEventSource
ControlService
QueryServiceConfigA
RegEnumValueA
OpenSCManagerA
SetServiceStatus
QueryServiceStatus
StartServiceA
CreateServiceA
RegQueryValueExA
RegisterServiceCtrlHandlerA
DeleteService
StartServiceCtrlDispatcherA
CloseServiceHandle
OpenServiceA
RegCloseKey
RegOpenKeyExA
ReportEventA
RegisterEventSourceA
RegSetValueExA
RegCreateKeyA

user32

FindWindowA
GetWindowPlacement
SetWindowPlacement

kernel32

GetStringTypeW
GetLocaleInfoA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CompareStringA
CompareStringW
RaiseException
HeapSize
SetEndOfFile
EnterCriticalSection
GetStringTypeA
LCMapStringW
LCMapStringA
GetTickCount
lstrlenA
WaitForSingleObject
FormatMessageA
GetLastError
GlobalFree
WriteConsoleA
GetModuleFileNameA
CreateMutexA
GetCurrentThreadId
ReleaseMutex
CloseHandle
GetFullPathNameA
SetPriorityClass
PeekNamedPipe
AllocConsole
GetCurrentProcess
QueryPerformanceCounter
GenerateConsoleCtrlEvent
ExpandEnvironmentStringsA
Sleep
GetExitCodeProcess
CreateProcessA
TerminateProcess
ReadFile
GetEnvironmentVariableA
SetConsoleTitleA
GetStdHandle
GetProcAddress
LoadLibraryA
SetConsoleCtrlHandler
CreatePipe
GetModuleHandleA
QueryPerformanceFrequency
DuplicateHandle
GetCurrentProcessId
CreateThread
MoveFileA
HeapFree
HeapAlloc
LeaveCriticalSection
DeleteFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
FindClose
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetDriveTypeA
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
MultiByteToWideChar
ExitProcess
GetCommandLineA
GetVersionExA
GetProcessHeap
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
VirtualAlloc
HeapReAlloc
WriteFile
SetHandleCount
GetFileType
GetStartupInfoA
WideCharToMultiByte
GetConsoleCP
FlushFileBuffers
RtlUnwind
SetFilePointer
GetCurrentDirectoryA
SetCurrentDirectoryA
CreateFileA
SetEnvironmentVariableA
SetEnvironmentVariableW
InitializeCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 192KB - Virtual size: 1.3MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

aa5e0672ac436692e28d1e13d9e7d98e

Headers

File Characteristics

Imports

wsock32

shlwapi

advapi32

user32

kernel32

Sections

.text Size: 140KB - Virtual size: 139KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 8KB - Virtual size: 19KB

.rsrc Size: 8KB - Virtual size: 5KB

.vmp0 Size: 192KB - Virtual size: 1.3MB

.text
Size: 140KB - Virtual size: 139KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 8KB - Virtual size: 19KB

.rsrc
Size: 8KB - Virtual size: 5KB

.vmp0
Size: 192KB - Virtual size: 1.3MB