1f3fa56aab53aadd79b7ae10eea7d12b5f69fcd874d204648a53a7a94222e359

Sharing

Copy URL Twitter E-mail

General

Target

1f3fa56aab53aadd79b7ae10eea7d12b5f69fcd874d204648a53a7a94222e359
Size

1.4MB
MD5

b14100eb5265eeb29bbafc0bcc877d3c
SHA1

3bc70be62299e982f61a30fbf9ae23788e2701ae
SHA256

1f3fa56aab53aadd79b7ae10eea7d12b5f69fcd874d204648a53a7a94222e359
SHA512

384fbeb4f0f7ee7c1ea7091af21e37ba484ed15671b5e992cbe4ce9d1e0dd521e09d2e63f02ac8f513f1b474851326985062934b11312d23f844247a8771c9e4
SSDEEP

24576:MWW31vV+6/qmR5GyEnvjnAeZfVpbQUoA0COQWoRY:JCm6/qmR5GyEnvjnAedrogOQVR

Score

N/A

Malware Config

Signatures

Files

1f3fa56aab53aadd79b7ae10eea7d12b5f69fcd874d204648a53a7a94222e359
.exe windows x86

2cf9699c32c48a69477e1c3be0585fe3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsAlloc
GetProcAddress
TlsFree
GetComputerNameA
AreFileApisANSI
SetWaitableTimer
VerifyVersionInfoA
RegisterWaitForSingleObject
TerminateProcess
WaitForMultipleObjects
InitializeCriticalSectionAndSpinCount
GetQueuedCompletionStatus
WaitForSingleObject
GetSystemDirectoryW
DuplicateHandle
MultiByteToWideChar
TerminateThread
CloseHandle
QueueUserAPC
UnregisterWaitEx
DeleteCriticalSection
VerSetConditionMask
WideCharToMultiByte
TlsGetValue
CreateProcessA
CreateIoCompletionPort
GetExitCodeProcess
InitializeSRWLock
TlsSetValue
HeapFree
GetLastError
GetCurrentThreadId
CreateEventW
ReleaseSRWLockExclusive
SetEvent
AcquireSRWLockExclusive
WaitForSingleObjectEx
ReleaseSRWLockShared
CreateThread
HeapAlloc
CreateWaitableTimerA
AcquireSRWLockShared
GetProcessHeap
SleepEx
GetSystemTimeAsFileTime
CreateEventA
GetTickCount
PostQueuedCompletionStatus
HeapSize
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
FindNextFileA
FindFirstFileExA
ReadConsoleW
GetTimeZoneInformation
OutputDebugStringW
GetModuleHandleA
GetEnvironmentVariableA
LeaveCriticalSection
GetCurrentProcess
EnterCriticalSection
SetLastError
SetEnvironmentVariableW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetACP
ExitProcess
HeapReAlloc
FreeLibraryAndExitThread
ExitThread
WriteConsoleW
GetModuleHandleExW
GetFileType
LoadLibraryExW
FreeLibrary
RaiseException
RtlUnwind
FormatMessageW
QueryPerformanceCounter
QueryPerformanceFrequency
EncodePointer
DecodePointer
Sleep
GetModuleHandleW
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
GetCurrentDirectoryW
CreateFileW
FindClose
GetFileAttributesW
SetEndOfFile
SetFilePointerEx
DeviceIoControl
FormatMessageA
LocalFree
ResetEvent
ReleaseSemaphore
WaitForMultipleObjectsEx
OpenEventA
GetCurrentProcessId
SystemTimeToFileTime
GetLocaleInfoA
IsValidCodePage
IsDBCSLeadByteEx
EnumSystemLocalesA
FoldStringW
GetDateFormatW
GetTimeFormatW
GetCurrencyFormatW
WakeAllConditionVariable
SleepConditionVariableSRW
GetModuleFileNameW
InitializeSListHead
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetStdHandle
CreateProcessW
GetConsoleWindow
ReadFile
WriteFile
SetEnvironmentVariableA
InterlockedPushEntrySList
GetModuleFileNameA

user32

PostMessageA
ShowWindow
SetWindowPos
UpdateWindow
RegisterClassExA
PostQuitMessage
LoadIconA
TranslateMessage
CreateWindowExA
DefWindowProcA
LoadCursorA
DispatchMessageA
GetMessageA
GetWindowLongA

advapi32

RegCloseKey
RegQueryValueExA
GetUserNameA
RegOpenKeyExA
RegEnumKeyExA

ws2_32

WSAStartup
setsockopt
ioctlsocket
WSARecv
WSASetLastError
shutdown
WSASend
closesocket
htons
htonl
WSASocketW
WSAStringToAddressW
listen
ntohl
WSACleanup
bind
WSAGetLastError

mswsock

GetAcceptExSockaddrs
AcceptEx

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 257KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2cf9699c32c48a69477e1c3be0585fe3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

mswsock

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 257KB - Virtual size: 257KB

.data Size: 36KB - Virtual size: 44KB

.gfids Size: 2KB - Virtual size: 2KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 65KB - Virtual size: 64KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 257KB - Virtual size: 257KB

.data
Size: 36KB - Virtual size: 44KB

.gfids
Size: 2KB - Virtual size: 2KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 65KB - Virtual size: 64KB