55d0f3253b24335b29327ee39b08fea51dadf7863de2d558dc1502a5e0e96934

Sharing

Copy URL Twitter E-mail

General

Target

55d0f3253b24335b29327ee39b08fea51dadf7863de2d558dc1502a5e0e96934
Size

212KB
MD5

58d97c16b46d7a26d2b2250d95976950
SHA1

bbc66d51006a8b124fba142461f9b30d7a4382fa
SHA256

55d0f3253b24335b29327ee39b08fea51dadf7863de2d558dc1502a5e0e96934
SHA512

205ee2a3dfe5c87a4fed57d5361986cf368e93da27a2c2f4fe89fc92a1cdb4c2b7b8383fa495c84a33094d32753f559b33080bffbf6ee9efa95efd6509c8aab8
SSDEEP

6144:5Vdf/dN3C91JP4VkKn+mQV1BrP5ewK8XcpDdj/k/3VTy:3Fr3C91JAVB+mCFW8Mpp/k/3Vu

Score

N/A

Malware Config

Signatures

Files

55d0f3253b24335b29327ee39b08fea51dadf7863de2d558dc1502a5e0e96934
.exe windows x86

50e71e1f7a5f2e704d956f63cf1d1662

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseSemaphore
lstrcpyW
lstrcpyA
DeleteCriticalSection
IsBadCodePtr
GlobalAlloc
GlobalHandle
GetFileSize
HeapAlloc
FreeLibrary
SetFilePointer
GetCurrentProcess
InterlockedExchange
WriteFile
GetFileAttributesW
CreateThread
SetThreadPriority
WaitForSingleObject
GetProfileIntA
GetStartupInfoA
lstrcmpiW
CreateFileW
HeapFree
GetThreadPriority
lstrlenA
GetVersionExW
lstrcmpW
IsBadReadPtr
VirtualFree
GetSystemDefaultLangID
MulDiv
GetDiskFreeSpaceW
InitializeCriticalSection
MultiByteToWideChar
GetCurrentProcessId
GetLastError
GetQueuedCompletionStatus
GlobalMemoryStatus
lstrcpynW
GetProcessHeap
LeaveCriticalSection
ResetEvent
GlobalLock
SetEndOfFile
SetEvent
GetPrivateProfileStringW
GetProcAddress
ReadFile
IsBadWritePtr
CloseHandle
GetCurrentThread
GlobalUnlock
GetSystemTimeAsFileTime
CreateEventW
lstrlenW
EnterCriticalSection
WaitForMultipleObjects
GlobalFree
SetUnhandledExceptionFilter
InterlockedIncrement
OutputDebugStringW
LoadLibraryW
WideCharToMultiByte
GetEnvironmentStringsW
GetTickCount
QueryPerformanceCounter
GetModuleFileNameA
CreateSemaphoreW
InterlockedDecrement
GetFullPathNameW

user32

LoadCursorW
DispatchMessageW
PeekMessageW
ShowWindow
GetDC
GetAsyncKeyState
TranslateMessage
MoveWindow
IsWindowVisible
SetWindowLongW
DestroyWindow
SetCursor
EnableWindow
CheckRadioButton
IsRectEmpty
GetDlgItem
IsWindow
DefWindowProcW
GetDlgItemInt
SendMessageW
CreateDialogParamW
InvalidateRect
GetDesktopWindow
GetWindowLongW
ReleaseDC
GetClientRect
GetWindowRect
SetDlgItemInt
CheckDlgButton
LoadStringW
ClientToScreen
SetDlgItemTextW

netshell

DllGetClassObject
StartNCW
NcIsValidConnectionName

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50e71e1f7a5f2e704d956f63cf1d1662

Headers

File Characteristics

Imports

kernel32

user32

netshell

Sections

.text Size: 86KB - Virtual size: 86KB

.rdata Size: 85KB - Virtual size: 85KB

.data Size: 35KB - Virtual size: 6.1MB

.rsrc Size: 1024B - Virtual size: 984B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 86KB - Virtual size: 86KB

.rdata
Size: 85KB - Virtual size: 85KB

.data
Size: 35KB - Virtual size: 6.1MB

.rsrc
Size: 1024B - Virtual size: 984B

.reloc
Size: 2KB - Virtual size: 1KB