996980c1e9df6a59429272960763226ba1d42512d02ddb05c5d73034079dcd85

Sharing

Copy URL Twitter E-mail

General

Target

996980c1e9df6a59429272960763226ba1d42512d02ddb05c5d73034079dcd85
Size

140KB
MD5

51ba8bfacd7b3adfd438a991532a3850
SHA1

ce37184e943377078ff47ea832c7f11c2b37980d
SHA256

996980c1e9df6a59429272960763226ba1d42512d02ddb05c5d73034079dcd85
SHA512

6f3420abce1057532c24b95d5ec71529983fb56b27642c6645c469f8785f70c9a7e0a087b9c79712417e816e8df2ebd69a0fe3fe63ce375ee7dbe0f1b3701c3a
SSDEEP

3072:hrweOTyo6KYcBWvNKCBxEN/T8vG+odz6ofm:VbOTDYcBWTme

Score

N/A

Malware Config

Signatures

Files

996980c1e9df6a59429272960763226ba1d42512d02ddb05c5d73034079dcd85
.exe windows x86

2b628feb93bdf09b896bb1b36cd6a278

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

connect
select
WSAStartup
recv
__WSAFDIsSet
send
shutdown
socket
ioctlsocket
htons
inet_addr
gethostbyname
closesocket

kernel32

CreateFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
LoadLibraryA
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetFileAttributesA
GetFileSize
GetFileTime
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetVersion
FreeLibrary
GetProcessVersion
GetCurrentProcess
FileTimeToLocalFileTime
GetCPInfo
GetOEMCP
HeapSize
RtlUnwind
ExitProcess
HeapAlloc
HeapFree
TerminateProcess
SetStdHandle
GetFileType
CreateThread
ExitThread
RaiseException
HeapReAlloc
GetACP
GetTimeZoneInformation
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
DuplicateHandle
GetProcAddress
WritePrivateProfileStringA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
InterlockedExchange
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
SetLastError
LocalFree
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
WaitForSingleObject
CloseHandle
lstrcpynA
GetModuleFileNameA
lstrcpyA
lstrcatA
SetErrorMode
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
lstrlenA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
SetConsoleTextAttribute
GetStdHandle
GetConsoleScreenBufferInfo
FillConsoleOutputCharacterA
FillConsoleOutputAttribute
SetConsoleCursorPosition
GetCommandLineA
GetModuleHandleA
Sleep
GetLastError
FileTimeToSystemTime

user32

RegisterWindowMessageA
SetWindowPos
SetWindowLongA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
DefWindowProcA
GetDlgItem
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
LoadIconA
ShowWindow
GetSysColorBrush
DestroyMenu
GetWindowPlacement
GetSystemMetrics
CharUpperA
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
UnhookWindowsHookEx
GetLastActivePopup
IsWindowEnabled
MessageBoxA
EnableWindow
GetWindowTextA
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetWindowLongA
GetClassNameA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
SetCursor
GetMessageA
TranslateMessage
GetActiveWindow
SendMessageA
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
LoadStringA
PostMessageA
PostQuitMessage
wsprintfA
SystemParametersInfoA
LoadCursorA
IsIconic
DispatchMessageA

gdi32

ExtTextOutA
TextOutA
Escape
RectVisible
GetObjectA
DeleteObject
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkColor
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
GetDeviceCaps
PtVisible
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey

comctl32

ord17

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b628feb93bdf09b896bb1b36cd6a278

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

Sections

.text Size: 100KB - Virtual size: 96KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 8KB - Virtual size: 21KB

.rsrc Size: 4KB - Virtual size: 448B

.text
Size: 100KB - Virtual size: 96KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 8KB - Virtual size: 21KB

.rsrc
Size: 4KB - Virtual size: 448B