ee164c8e1bc5c99a5fcbc67f0bc86f94d367cb60efa9ddcc4d5266237c6964d6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ee164c8e1bc5c99a5fcbc67f0bc86f94d367cb60efa9ddcc4d5266237c6964d6
Size

242KB
MD5

4718b505587f153f79be8b04fc372591
SHA1

580fc2d91559ae5e92e4d81d8ad7f808f304f4ca
SHA256

ee164c8e1bc5c99a5fcbc67f0bc86f94d367cb60efa9ddcc4d5266237c6964d6
SHA512

7e9482dbf0f720c53f371c925f188da73d9083a5f28f591b17401974542a779cf96405f4e4d723603a241ab8b6bb3ad8eef3b9be7e78049bac05b945870d6591
SSDEEP

3072:DucCpw5RCpw5RCpw5sANR4Cpw5sANRVANR4Cpw5H:Duw5Kw5Kw5sy1w5sy/y1w5H

Score

N/A

Malware Config

Signatures

Files

ee164c8e1bc5c99a5fcbc67f0bc86f94d367cb60efa9ddcc4d5266237c6964d6
.exe windows x86

01b6475f18fb7a47322cfdf48c52d98c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
GetVolumeInformationA
GetTempFileNameA
GetModuleFileNameA
GetTempPathA
CreateProcessA
Sleep
Process32Next
DeleteFileA
TerminateProcess
CloseHandle
OpenProcess
Process32First
CreateToolhelp32Snapshot
ExitProcess
GetCurrentProcessId
GetTickCount
CreateThread
GetLastError
CreateMutexA
WinExec
SetErrorMode
GetStartupInfoA
GetModuleHandleA

ws2_32

socket
htons
connect
closesocket
WSAStartup
gethostname
gethostbyname
WSACleanup
send

psapi

EnumProcessModules
GetModuleFileNameExA

msvcrt

_strcmpi
_itoa
_strdup
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
atoi
strlen
fclose
strcat
fgets
strcpy
fopen
malloc
strstr
fputs
rand
strrchr
strcmp
fwrite
ftell
fseek
memset
sprintf
strtok
printf
srand
__p___argv
__p___argc
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
_unlink

Sections

.bss
Size: - Virtual size: 112KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE