572989652b211aa1c88d8b3443a85acefded74825116112007b2d59db8862929

Sharing

Copy URL Twitter E-mail

General

Target

572989652b211aa1c88d8b3443a85acefded74825116112007b2d59db8862929
Size

620KB
MD5

4ce37123e211e5f8d528e2b815266a0c
SHA1

f069cf18fe4f5a92d02034c29896a3de80f824c0
SHA256

572989652b211aa1c88d8b3443a85acefded74825116112007b2d59db8862929
SHA512

578f98d8394b06348395c7d98a06853df924bd602dc288e692c9b5b34206d574c8d7e53b0e05cfb9589f1b674ec0326a1d58502526986b92b99ebc2733f79b1a
SSDEEP

6144:/tA1DLZiN8tmcXIZoJo5Xj4+97oZIIJaRud/E71v8/LZAdtU:V23Q9oMXR5mIgi712LZA0

Score

N/A

Malware Config

Signatures

Files

572989652b211aa1c88d8b3443a85acefded74825116112007b2d59db8862929
.exe windows x86

89131a827c8209bb15fbd30793aed71e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextCharsetInfo
RectVisible

ws2_32

WSASetServiceW
WSAEnumProtocolsW
WSASendDisconnect
WSAIsBlocking
getsockname
WSAResetEvent
accept
WSADuplicateSocketA
WSAGetServiceClassNameByClassIdW
WSAEnumNetworkEvents

advapi32

RegEnumKeyExA
RegConnectRegistryW
LookupAccountSidA
QueryServiceObjectSecurity
GetAce
RegisterServiceCtrlHandlerW
MakeSelfRelativeSD
RegisterEventSourceW
ReportEventA
GetLengthSid
CryptSetProvParam
BuildSecurityDescriptorW
RegRestoreKeyW
CryptReleaseContext

comdlg32

GetFileTitleA
GetOpenFileNameA

kernel32

VirtualQuery
GlobalGetAtomNameW
SetProcessAffinityMask
GetBinaryTypeA
CreateFileW
FormatMessageW
GetPrivateProfileStringA
GetSystemTime
CompareStringW
GetVolumeInformationW
FindFirstFileW
ExitProcess
GlobalFindAtomW
GetWindowsDirectoryA
SetLastError
SuspendThread
GetCommModemStatus
GetOverlappedResult
lstrcmpiW
EnumSystemCodePagesW
Beep
VirtualQueryEx
GetHandleInformation
FreeLibrary
CreateDirectoryA
WriteConsoleOutputW
GetFullPathNameA

comctl32

ImageList_SetImageCount

user32

GetKeyNameTextA
CharLowerA
InsertMenuItemW
IsCharAlphaNumericW
GetFocus
SetCaretPos
CloseClipboard
DispatchMessageA
TabbedTextOutA
GetDoubleClickTime
KillTimer
GetDC
NotifyWinEvent
GetMonitorInfoA
DrawTextExW
RedrawWindow
SendDlgItemMessageA
DragDetect
GetSysColorBrush
GetMenuStringA
LoadCursorA
GetUserObjectInformationW
LoadAcceleratorsA
GetScrollBarInfo
WindowFromDC

msvcrt

_strnicoll
_getche
_wcsicmp
wcsftime
atol
_setmode
ungetc
_kbhit
_wtol
_vsnwprintf
fgetws
wcstok
_itoa
wcscspn
_strnicmp

Sections

.text
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89131a827c8209bb15fbd30793aed71e

Headers

File Characteristics

Imports

gdi32

ws2_32

advapi32

comdlg32

kernel32

comctl32

user32

msvcrt

Sections

.text Size: 314KB - Virtual size: 313KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 284KB - Virtual size: 284KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 314KB - Virtual size: 313KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 284KB - Virtual size: 284KB

.rsrc
Size: 16KB - Virtual size: 16KB