0754c04d63b18bdf8dc0b29bdb7936b2e2ae7c1afe418d9a902dbbd03fcac904

Sharing

Copy URL Twitter E-mail

General

Target

0754c04d63b18bdf8dc0b29bdb7936b2e2ae7c1afe418d9a902dbbd03fcac904
Size

37KB
MD5

5a743a6637ccb6869390124a3114cd00
SHA1

3114a9f9e3f341ac906947bb9ab2cb213dc81685
SHA256

0754c04d63b18bdf8dc0b29bdb7936b2e2ae7c1afe418d9a902dbbd03fcac904
SHA512

9a56fd09b74bd5ac33eb7f79e1baa126cfe62b5e9580b819777c6b54e15a6768a22404b0abbfe837f121583b78b8e36f9ac765bb79b1023a3959bada257c2819
SSDEEP

768:p9Dw0Vmt804ACdvig00gM968Ixw8Idtj6KX4O1dyGJjh4kFo:M0Yt4ACd208J4P/dlJj

Score

N/A

Malware Config

Signatures

Files

0754c04d63b18bdf8dc0b29bdb7936b2e2ae7c1afe418d9a902dbbd03fcac904
.exe windows x86

b0a14966e16d0371d75d07d6ccf2a83b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetModuleHandleA
GetTempPathA
GetLastError
GetProcAddress
GetTickCount
ExitProcess
WaitForSingleObject
CreateMutexA
LoadLibraryA
CopyFileA
TerminateThread
CreateThread
CloseHandle
WriteFile
CreateFileA
ExpandEnvironmentStringsA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
Sleep
GetSystemDirectoryA
GetTimeFormatA
GetLocalTime
CreateProcessA
GetStartupInfoA
GetCommandLineA
GetEnvironmentStrings
WideCharToMultiByte
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetFilePointer
FlushFileBuffers
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
HeapAlloc
VirtualFree
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
HeapFree
HeapReAlloc
VirtualAlloc
GetVersion
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate

user32

SendMessageA
FindWindowA

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA

shell32

ShellExecuteA

ws2_32

sendto
inet_addr
gethostbyname
inet_ntoa
send
recv
htons
socket
connect
WSAStartup
WSACleanup
closesocket
gethostbyaddr

wininet

InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetOpenA

Sections

.text
Size: - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pklstb
Size: 31KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.relo2
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0a14966e16d0371d75d07d6ccf2a83b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

wininet

Sections

.text Size: - Virtual size: 37KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: - Virtual size: 136KB

.pklstb Size: 31KB - Virtual size: 47KB

.relo2 Size: 512B - Virtual size: 60B

.text
Size: - Virtual size: 37KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: - Virtual size: 136KB

.pklstb
Size: 31KB - Virtual size: 47KB

.relo2
Size: 512B - Virtual size: 60B