2b664f4042c377f869fc29df9553528736134baa617a1f1f1ac8b36b3d236fed_unpacked

Sharing

Copy URL Twitter E-mail

General

Target

2b664f4042c377f869fc29df9553528736134baa617a1f1f1ac8b36b3d236fed_unpacked
Size

27KB
MD5

da6413b94435f7bd2d77c539259c480a
SHA1

6f2affac859c7b75276bffa4c6e9645b92f74ae5
SHA256

4e26a3ccd00a4d45453504a25d6eb69897cc4aec40cca1993bb3fc3c415d396d
SHA512

eb54fd66f431e86a7e5ae17779bee7d5c9762d6a024c8b5dba4da5aee5e17d94f52889f978a0ce24ef2b3385cb27815a946bbbb38da0d555f1b1e120d0f5f3e7
SSDEEP

768:+qnhxxCnQwNbW9VhsgHOfljL2Xh7wtmhHjArUDVQhtgP:Rhxx8aXh7wtmd0htgP

Score

N/A

Malware Config

Signatures

Files

2b664f4042c377f869fc29df9553528736134baa617a1f1f1ac8b36b3d236fed_unpacked
.exe windows x86

09b7505cb487c9d97497b0bb17100224

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

isdigit
isalpha
strlen
_snwprintf
_controlfp
_except_handler3
__set_app_type
rand
srand
memset
wcsstr
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
wcscmp
ftell
fseek
fclose
fwprintf
_acmdln
exit
_XcptFilter
_exit
strcat
malloc
wcslen
strtok
strcmp
strncmp
memmove
strncpy
_snprintf
strstr
strchr
_wfopen
memcpy

ws2_32

closesocket
WSAStartup
htons
socket
connect
inet_addr
gethostbyname
send
recv
select
WSACleanup

wininet

InternetOpenUrlA
InternetOpenW
InternetOpenUrlW
InternetReadFile
InternetCloseHandle
InternetOpenA

urlmon

URLDownloadToFileW

shlwapi

PathFileExistsW
PathFindFileNameA

kernel32

GetModuleFileNameW
GetLogicalDriveStringsW
GetDriveTypeW
SetErrorMode
GetVolumeInformationW
SetFileAttributesW
CreateDirectoryW
CopyFileW
FindFirstFileW
GetFileAttributesW
FindNextFileW
FindClose
GetTempPathW
MultiByteToWideChar
GetTickCount
GetLocaleInfoA
ExitProcess
CreateFileW
WriteFile
CloseHandle
ExitThread
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
WaitForSingleObject
CreateThread
GetModuleHandleA
GetStartupInfoA
ExpandEnvironmentStringsW
GetLastError
CreateProcessW
CreateMutexA
DeleteFileW

user32

GetClipboardData
CloseClipboard
OpenClipboard
EmptyClipboard
wsprintfA
SetClipboardData

advapi32

RegSetValueExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW

shell32

ord680
SHGetFolderPathW
ShellExecuteW

ole32

CoInitialize
CoCreateInstance

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09b7505cb487c9d97497b0bb17100224

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

ws2_32

wininet

urlmon

shlwapi

kernel32

user32

advapi32

shell32

ole32

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 2KB - Virtual size: 5KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 2KB - Virtual size: 5KB

.reloc
Size: 1KB - Virtual size: 1KB