27194c1764196e6ef2536249d365e50e86216708f90c3bfe096d94c4a8428b44

Sharing

Copy URL Twitter E-mail

General

Target

27194c1764196e6ef2536249d365e50e86216708f90c3bfe096d94c4a8428b44
Size

695KB
MD5

0c276e357fffb493a0d8405ffc599f90
SHA1

fb9268ceac384c7dc362166944985c51f1a18f8d
SHA256

27194c1764196e6ef2536249d365e50e86216708f90c3bfe096d94c4a8428b44
SHA512

bf05d2307f84ab440ffbb2ca6df7827f9e5e6a46e5c1f7c0026898ecc6070b16269c9581b4d2cc73009a8f9d2f9a6d114946f44bc52a97e31385306c4b8947c8
SSDEEP

12288:4xTi2RZn5W9ox4ea6+legkX4uKsV6tojNRBnnkOOwzQOwNnYc5yp:XWx4epthV6qNRBnkOOvg

Score

N/A

Malware Config

Signatures

Files

27194c1764196e6ef2536249d365e50e86216708f90c3bfe096d94c4a8428b44
.exe windows x86

d2215f5fd593f3f8ea67729ca52b8874

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

adbwinapi

AdbGetSerialNumber
AdbGetUsbDeviceDescriptor
AdbGetUsbInterfaceDescriptor
AdbCreateInterfaceByName
AdbGetInterfaceName
AdbReadEndpointSync
AdbOpenDefaultBulkReadEndpoint
AdbEnumInterfaces
AdbCloseHandle
AdbOpenDefaultBulkWriteEndpoint
AdbWriteEndpointSync
AdbNextInterface
AdbGetEndpointInformation

ws2_32

gethostbyname
accept
setsockopt
connect
WSAStartup
htonl
WSAGetLastError
listen
htons
WSAEventSelect
shutdown
WSACleanup
recv
bind
socket
WSACreateEvent
closesocket
send
WSAEnumNetworkEvents

kernel32

GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
InterlockedExchange
TerminateProcess
InterlockedCompareExchange
SetHandleInformation
WriteFile
Sleep
LeaveCriticalSection
CreateProcessA
ReadFile
GetStdHandle
GetLastError
EnterCriticalSection
SetConsoleCtrlHandler
CreatePipe
GetModuleFileNameA
FlushConsoleInputBuffer
GetTempPathA
WideCharToMultiByte
MultiByteToWideChar
GetLocalTime
CreateFileA
GetFileSize
SetFilePointer
WaitForSingleObject
CloseHandle
SetEvent
InitializeCriticalSection
CreateEventA
ResetEvent
WaitForMultipleObjects
DeleteCriticalSection
SetLastError
GetCurrentThreadId
GetProcAddress
GetModuleHandleA
GetVersion
GetFileType
GetTickCount
QueryPerformanceCounter
GetCurrentProcessId
GlobalMemoryStatus
FreeLibrary
LoadLibraryA
GetVersionExA

user32

MessageBoxA
GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW

advapi32

ReportEventA
RegisterEventSourceA
DeregisterEventSource

shell32

SHGetFolderPathA

msvcr90

_chmod
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__initenv
__p__commode
__p__fmode
__set_app_type
_except_handler4_common
_crt_debugger_hook
?terminate@@YAXXZ
_invoke_watson
_controlfp_s
_strdup
_getpid
_access
_read
_unlink
_umask
_XcptFilter
_cexit
sscanf
strncmp
free
calloc
malloc
strerror
__iob_func
strchr
fflush
atoi
_snprintf
_errno
strtol
strncpy
printf
fopen
setvbuf
fprintf
vfprintf
getenv
strpbrk
exit
_mkdir
fclose
_stat64i32
sprintf
strtoul
strncat
perror
_beginthread
isalpha
isdigit
fwrite
strrchr
abort
_mktime64
_findnext64i32
_findclose
_chdir
??3@YAXPAX@Z
_findfirst64i32
??2@YAPAXI@Z
_endthreadex
_beginthreadex
realloc
fgets
memset
memcpy
ferror
fread
_setmode
_fileno
ftell
feof
fseek
_wfopen
memmove
wcsstr
_vsnprintf
_exit
raise
_strnicmp
isspace
qsort
_time64
strcmp
isxdigit
tolower
_gmtime64
isupper
_stricmp
fputs
signal
_getch
strstr
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_amsg_exit
__getmainargs
_getcwd

Sections

.text
Size: 430KB - Virtual size: 429KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 99KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d2215f5fd593f3f8ea67729ca52b8874

Headers

DLL Characteristics

File Characteristics

Imports

adbwinapi

ws2_32

kernel32

user32

advapi32

shell32

msvcr90

Sections

.text Size: 430KB - Virtual size: 429KB

.rdata Size: 154KB - Virtual size: 153KB

.data Size: 4KB - Virtual size: 85KB

.rsrc Size: 1024B - Virtual size: 688B

.reloc Size: 99KB - Virtual size: 100KB

.text
Size: 430KB - Virtual size: 429KB

.rdata
Size: 154KB - Virtual size: 153KB

.data
Size: 4KB - Virtual size: 85KB

.rsrc
Size: 1024B - Virtual size: 688B

.reloc
Size: 99KB - Virtual size: 100KB